Summary and recommendation
Bitrise supports native SCIM 2.0 provisioning, but only on Enterprise plans with custom pricing and a minimum 10-seat commitment. For teams on Starter or Pro plans, there's no path to automated user provisioning—you're limited to manual account management even with SSO configured. This creates a significant operational burden for IT teams managing developer access to CI/CD pipelines.
The pricing gap is particularly problematic for smaller development teams. Moving from Pro (build-based pricing) to Enterprise just for SCIM means paying for enterprise features like advanced security controls and priority support that many teams don't need. Without automated provisioning, IT admins must manually onboard developers, manage workspace memberships through groups, and handle offboarding—creating security risks when former employees retain access to build systems and deployment pipelines.
The strategic alternative
Bitrise gates SCIM behind Enterprise. Skip the Enterprise plan upgrade and automate complete outcomes across your stack. We maintain the integration layer underneath. You focus on judgment, not plumbing.
Quick SCIM facts
| SCIM available? | Yes |
| SCIM tier required | Enterprise |
| SSO required first? | Yes |
| SSO available? | Yes |
| SSO protocol | SAML 2.0 |
| Documentation | Not available |
Supported identity providers
| IdP | SSO | SCIM | Notes |
|---|---|---|---|
| Okta | ✓ | ✓ | OIN app with full provisioning |
| Microsoft Entra ID | ✓ | ✓ | Gallery app with SCIM |
| Google Workspace | ✓ | JIT only | SAML SSO with just-in-time provisioning |
| OneLogin | ✓ | ✓ | Supported |
The cost of not automating
Without SCIM (or an alternative like Stitchflow), your IT team manages Bitrise accounts manually. Here's what that costs:
The Bitrise pricing problem
Bitrise gates SCIM provisioning behind premium plans, forcing significant cost increases for basic user management.
Plan Structure
| Plan | Price | SSO | SCIM |
|---|---|---|---|
| Starter | Custom (unlimited builds) | ||
| Pro | Custom (build-based pricing) | ||
| Enterprise | Custom (includes SSO/SCIM) |
Note: Bitrise also offers SAML SSO as an add-on to lower tiers, but SCIM requires either the Enterprise plan or the SSO add-on package.
What this means in practice
Bitrise uses custom pricing across all tiers, making cost analysis challenging. However, the Enterprise plan bundles SCIM with advanced features like:
For teams primarily needing CI/CD with basic user provisioning, this creates a forced upgrade to features they don't need.
Additional constraints
Summary of challenges
- Bitrise supports SCIM but only at Enterprise tier (Custom (includes SSO/SCIM))
- Google Workspace users get JIT provisioning only, not full SCIM
- Our research shows teams manually provisioning this app spend significant hidden costs annually
What the upgrade actually includes
Bitrise doesn't sell SCIM standalone. It's bundled with Enterprise plan features that require custom pricing:
Enterprise pricing is completely custom - no published rates. The sales process typically starts at several thousand dollars annually, even for small teams that just need basic user provisioning.
Stitchflow Insight
If you need enterprise-grade CI/CD controls anyway, the upgrade makes sense. If you just want automated user management for your development workflows, you're paying enterprise prices for features most teams won't use. We estimate ~60% of Enterprise features are irrelevant for teams that only need SCIM provisioning.
What IT admins are saying
Community sentiment on Bitrise's SCIM implementation reveals frustration with enterprise gating and complexity barriers. Common complaints:
- Being locked out of SCIM unless you can justify Enterprise pricing
- Complex prerequisites requiring domain verification before SCIM setup
- Minimum 10-seat requirements that price out smaller development teams
- Custom pricing models that obscure true costs for essential security features
Had to abandon our Bitrise migration because SCIM is Enterprise-only. Our 6-person dev team can't justify enterprise pricing just for user provisioning.
The domain verification requirement before SCIM setup is unnecessarily complex. Why gate basic identity management behind so many hoops?
The recurring theme
Bitrise treats SCIM as a premium enterprise feature rather than basic security hygiene, forcing smaller teams to choose between automated provisioning and budget constraints.
The decision
| Your Situation | Recommendation |
|---|---|
| On Starter/Pro, need SCIM | Use Stitchflow: avoid the Enterprise upgrade and its minimum 10-seat requirement |
| Enterprise is cost-prohibitive | Use Stitchflow: get SCIM-level provisioning without custom pricing commitments |
| Need domain verification for SCIM setup | Use Stitchflow: bypass complex domain verification requirements |
| Already on Enterprise with SCIM included | Use native SCIM: you're paying for it in your plan |
| Small dev team, infrequent changes | Manual may work: but monitor for orphaned accounts as team grows |
The bottom line
Bitrise restricts SCIM to Enterprise plans with custom pricing and minimum seat requirements, putting automated provisioning out of reach for smaller development teams. For teams that want SCIM-level provisioning without the Enterprise commitment, Stitchflow delivers the automation at a predictable cost.
Make Bitrise workflows AI-native
Bitrise gates SCIM behind Enterprise. We build complete offboarding, user access reviews, and license workflows without that SCIM Tax upgrade.
Technical specifications
SCIM Version
2.0
Supported Operations
Create, Update, Deactivate, Groups
Supported Attributes
Not specifiedPlan requirement
Enterprise
Prerequisites
SSO must be configured first
Key limitations
- SCIM requires Enterprise plan or SAML SSO add-on
- Requires verified domain before configuring SCIM
- SCIM provisioning controls workspace membership via groups
- Minimum 10 seats required for Enterprise
Documentation not available.
Configuration for Entra ID
Integration type
Microsoft Entra Gallery app with SCIM provisioning
Prerequisite
SSO must be configured before enabling SCIM.
Where to enable
Required credentials
Tenant URL (SCIM endpoint) and Secret token (bearer token from app admin console).
Configuration steps
Set Provisioning Mode = Automatic, configure SCIM connection.
Provisioning trigger
Entra provisions based on user/group assignments to the enterprise app.
Sync behavior
Entra provisioning runs on a scheduled cycle (typically every 40 minutes).
Bitrise supports SCIM with Microsoft Entra ID. Requires verified domain.
Bitrise gates SCIM behind Enterprise. Stitchflow automates complete workflows without that SCIM Tax upgrade.
Unlock SCIM for
Bitrise
Bitrise gates SCIM behind Enterprise plan. We automate complete offboarding and access reviews across your stack without that SCIM Tax upgrade.
See how it works
