Stitchflow
Back to directory
Aircall logo

Aircall SCIM guide

Connector Only

How to automate Aircall user provisioning, and what it actually costs

Summary and recommendation

Aircall, the cloud-based phone system for customer support and sales teams, does not offer native SCIM provisioning on any plan. While the platform does support SAML 2.0 SSO (available only through account manager request), user provisioning requires a third-party connector from Aquera that only works with Okta. This creates a problematic dependency on external vendors and limits IT teams to a single identity provider ecosystem, even on Aircall's Custom/Enterprise plan that starts at 25 users minimum with custom pricing.

The reliance on third-party provisioning connectors introduces operational risk and vendor lock-in that most IT teams want to avoid. Organizations using Azure AD, Google Workspace, or OneLogin are left with no automated provisioning option, forcing manual user management for a platform that handles sensitive customer communications. This gap becomes particularly problematic for growing support teams where rapid onboarding and offboarding is critical for maintaining security and compliance standards.

The strategic alternative

Aircall has no native SCIM. Automate offboarding, user access reviews, and license workflows across every app, including the ones without APIs. We maintain the integration layer underneath. You focus on judgment, not plumbing.

Quick SCIM facts

SCIM available?No
SCIM tier requiredN/A
SSO required first?No
SSO available?Yes
SSO protocolSAML 2.0
DocumentationNot available

Supported identity providers

IdPSSOSCIMNotes
OktaVia third-partyNo native SCIM. Aquera connector provides create, update, deactivate, delete users. SOC 2 Type II audited service. Aircall planning native Okta OIN integration.
Microsoft Entra IDVia third-partyNo Azure AD/Entra ID SCIM integration documented.
Google WorkspaceVia third-partyNo native support
OneLoginVia third-partyNo native support

The cost of not automating

Without SCIM (or an alternative like Stitchflow), your IT team manages Aircall accounts manually. Here's what that costs:

Source: Stitchflow aggregate data across apps with 2+ instances, normalized to 500 employees
Orphaned accounts (ex-employees with access)7
Unused licenses12
IT hours spent on manual management/year101 hours
Unused license cost/year$3,925
IT labor cost/year$6,088
Cost of compliance misses/year$1,741
Total annual financial impact$11,754

The Aircall pricing problem

Aircall gates SCIM provisioning behind premium plans, forcing significant cost increases for basic user management.

Tier comparison

PlanPriceSSOSCIM
Essentials$30/user/month (annual)
Professional$50/user/month (annual)
Custom/EnterpriseContact sales (25-user minimum)
⚠️ Okta only (via Aquera)

Pricing structure

PlanPriceSSOSCIM
Essentials$30/user/month (annual)
Professional$50/user/month (annual)
Custom/EnterpriseContact sales (25-user minimum)
⚠️ Okta only (via Aquera)

What this means in practice

For a 100-user organization on Professional plans ($50/user/month), upgrading to Custom for provisioning functionality means:

Current cost
$60,000/year (100 users × $50 × 12 months)
Enterprise cost
Unknown (custom pricing, 25+ user minimum required)
Additional dependency
Aquera third-party connector service

The real problem is architectural: Aircall built their platform without identity management in mind, forcing customers to rely on external solutions that create additional failure points.

Additional constraints

Single IdP limitation
Only works with Okta through Aquera - no support for Azure AD, Google Workspace, or other identity providers
Third-party dependency
Your provisioning reliability depends on Aquera's uptime and maintenance schedule
SSO gatekeeping
SAML SSO requires manual approval from your Aircall account manager - it's not self-service even on enterprise plans
Limited SAML support
No IdP-initiated sign-in supported, reducing user experience flexibility
High minimums
25-user minimum for any enterprise features creates cost barriers for smaller teams

Summary of challenges

  • Aircall does not provide native SCIM at any price tier
  • Organizations must rely on third-party tools or manual provisioning
  • Our research shows teams manually provisioning this app spend significant hidden costs annually

What Aircall actually offers for identity

No Native SCIM Support

Aircall does not offer native SCIM provisioning. The only automated provisioning option requires a third-party connector:

FeatureSupport Level
Native SCIM❌ None
Okta provisioning✓ Via Aquera third-party connector only
Azure AD/Entra provisioning❌ None
Google Workspace provisioning❌ None
Generic SCIM❌ None

SAML SSO (Limited Availability)

Aircall's SSO implementation has significant restrictions:

SettingDetails
ProtocolSAML 2.0
AvailabilityLimited - must request from account manager
Self-service setup❌ No
IdP-initiated login❌ Not supported
JIT provisioning❌ No

Critical limitation: SSO is not available as a standard feature. You must contact your Aircall account manager to request SSO enablement, and approval is not guaranteed.

Aquera Third-Party Connector (Okta Only)

The only provisioning option uses Aquera's third-party service:

Supported operations
Create, update, deactivate, delete users
Required plan
Custom/Enterprise (25-user minimum, custom pricing)
Dependency risk
Relies on third-party Aquera service for core identity functionality
Limited scope
Okta only - no support for other identity providers

Why this falls short: Third-party connectors introduce additional points of failure, vendor dependencies, and security considerations. You're essentially trusting a connector service to maintain uptime and security for your identity workflows, with no direct support relationship if issues arise.

What IT admins are saying

Community sentiment on Aircall's identity management reveals significant frustrations around their third-party dependency and enterprise gatekeeping:

  • No native SCIM support forces reliance on third-party connectors like Aquera
  • SSO requires special approval from account managers rather than self-service setup
  • High 25-user minimum just to access enterprise features like automated provisioning
  • Even higher-tier plans include only one phone number, forcing additional per-number fees

SSO not self-service - must contact account manager to enable

IT admin feedback

IDP-initiated SAML sign-in not supported

Aircall support documentation

SSO limited availability - must request from account manager

Aircall SAML documentation

The recurring theme

Aircall treats identity management as a premium service requiring sales conversations and third-party vendors, rather than a standard IT requirement. Teams end up paying enterprise prices and managing additional vendor relationships just to automate basic user lifecycle tasks.

The decision

Your SituationRecommendation
Small call center (<25 agents)Manual management acceptable, but watch for growth
Growing team approaching 25+ usersUse Stitchflow: avoid the Custom plan jump and third-party complexity
Enterprise with Okta requiring automationEvaluate Aquera connector vs. Stitchflow simplicity
Multi-IdP environment (Entra, Google Workspace)Use Stitchflow: Aquera only supports Okta
Compliance-focused organizationUse Stitchflow: direct SCIM beats third-party dependency

The bottom line

Aircall forces you into expensive Custom plans and third-party connectors for basic provisioning automation. With no native SCIM and SSO requiring account manager approval, Stitchflow delivers the modern identity management that Aircall should have built.

Make Aircall workflows AI-native

Aircall has no native SCIM. We build complete offboarding, user access reviews, and license workflows across every app, including the ones without APIs.

Covers apps without native SCIM, including the ones without APIs
Less than a week, start to finish (~2 hours of your time)
Built with your team; extend to anything else in the company
Book a Demo

Technical specifications

SCIM Version

Not specified

Supported Operations

Not specified

Supported Attributes

No native SCIM support - requires third-party Aquera connectorSAML SSO only available to select customers via account manager requestIDP-initiated SAML sign-in not supported25-user minimum for Custom (enterprise) plan

Plan requirement

Not specified

Prerequisites

Not specified

Key limitations

  • No native SCIM support - requires third-party Aquera connector
  • SAML SSO only available to select customers via account manager request
  • IDP-initiated SAML sign-in not supported
  • 25-user minimum for Custom (enterprise) plan

Documentation not available.

Configuration for Okta

Integration type

Okta Integration Network (OIN) app

Where to enable

Okta Admin Console → Applications → Aircall → Sign On

Docs

Okta integration

No native SCIM. Aquera connector provides create, update, deactivate, delete users. SOC 2 Type II audited service. Aircall planning native Okta OIN integration.

Use Stitchflow for automated provisioning.

Unlock SCIM for
Aircall

Aircall has no native SCIM. We still automate end-to-end workflows across every app, including the ones without APIs.

See how it works
Admin Console
Directory
Applications
Aircall logo
Aircall
via Stitchflow

Last updated: 2026-01-11

* Pricing and features sourced from public documentation.

Keep exploring

Related apps

6sense logo

6sense

No SCIM

B2B Revenue Intelligence / ABM

ProvisioningNot Supported
Manual Cost$11,754/yr

6sense, the B2B revenue intelligence platform, has paused SCIM provisioning for new customers until Q4 2026. While existing customers with SCIM enabled can continue using it, new implementations are limited to JIT (Just-In-Time) provisioning through SAML SSO. This creates a significant gap for IT teams managing revenue intelligence access, as JIT only creates users on first login and provides minimal attribute mapping (email, first name, last name only). For an enterprise platform with typical pricing of $55,000-$130,000 annually, the absence of automated user lifecycle management is a substantial limitation. The lack of SCIM until Q4 2026 forces IT teams into manual provisioning workflows for a platform handling sensitive revenue data. While SAML SSO handles authentication, it doesn't address user lifecycle events like role changes, department transfers, or offboarding. This creates compliance risks in revenue teams where access to prospect data and sales intelligence must be tightly controlled. The nearly two-year wait for SCIM restoration means organizations implementing 6sense today face manual user management for the foreseeable future.

View full guide
ActiveCampaign logo

ActiveCampaign

No SCIM

Marketing Automation / Email

ProvisioningNot Supported
Manual Cost$11,754/yr

ActiveCampaign, the marketing automation platform, does not offer native SCIM provisioning on any plan. While the Enterprise plan ($145+/month) includes SAML 2.0 SSO with just-in-time (JIT) provisioning, this only creates user accounts on first login—there's no automated deprovisioning when employees leave or change roles. New SSO users are automatically added to a generic "SSO Users" group with configurable permissions, but IT teams have no way to programmatically manage user lifecycles or enforce granular access controls based on department or role changes. This creates a significant gap for marketing teams that need to manage access to customer data and campaign tools. When employees leave the company or change departments, their ActiveCampaign access must be manually revoked, creating compliance risks and potential data exposure. The lack of automated deprovisioning means former employees could theoretically retain access to sensitive marketing data and customer information until someone manually removes them from the platform.

View full guide
Adyen logo

Adyen

No SCIM

Payments / Fintech

ProvisioningNot Supported
Manual Cost$11,754/yr

Adyen offers SCIM 2.0 provisioning, but only through Okta's integration—there's no native SCIM endpoint. This creates a significant vendor lock-in scenario where your provisioning capabilities are entirely dependent on using Okta as your identity provider. Teams using Azure Entra, Google Workspace, or OneLogin are left with manual user management despite Adyen supporting SAML SSO with these platforms. The Okta integration itself requires maintaining a company account (not just a merchant account) and keeping at least one non-SSO admin for troubleshooting, adding operational complexity. For payment platforms handling sensitive financial data, this provisioning gap creates serious compliance risks. Your finance team, payment operations staff, and developers need timely access to process transactions and manage risk controls, but without automated provisioning, you're stuck with manual onboarding that can delay critical payment operations. The requirement to maintain non-SSO admin accounts also creates a security backdoor that compliance auditors will flag.

View full guide