Summary and recommendation
Carta offers SCIM provisioning, but only through their Okta connector and requires the Scale plan (starting at $67,200-$112,000/year for 500+ stakeholders). While Okta integration supports Group Linking, Schema Discovery, and Attribute Writeback, this leaves organizations using other identity providers like Entra ID, Google Workspace, or OneLogin without native provisioning options. For a platform managing highly sensitive equity data across finance teams, legal, executives, HR, and employees, this creates a significant gap in user lifecycle automation.
The enterprise pricing barrier compounds the problem. Most growing companies need SCIM automation well before they reach the Scale plan's stakeholder thresholds, yet they're forced to manually manage user provisioning for one of their most security-critical applications. This manual process increases the risk of orphaned accounts with access to confidential cap table data and creates administrative overhead for IT teams managing role-based access that varies by vesting schedules and equity positions.
The strategic alternative
Carta has no native SCIM. Automate offboarding, user access reviews, and license workflows across every app, including the ones without APIs. We maintain the integration layer underneath. You focus on judgment, not plumbing.
Quick SCIM facts
| SCIM available? | No |
| SCIM tier required | N/A |
| SSO required first? | No |
| SSO available? | Yes |
| SSO protocol | SAML 2.0, OIDC |
| Documentation | Not available |
Supported identity providers
| IdP | SSO | SCIM | Notes |
|---|---|---|---|
| Okta | ✓ | ❌ | No SCIM available |
| Microsoft Entra ID | ✓ | ❌ | No SCIM available |
| Google Workspace | Via third-party | ❌ | No native support |
| OneLogin | Via third-party | ❌ | No native support |
The cost of not automating
Without SCIM (or an alternative like Stitchflow), your IT team manages Carta accounts manually. Here's what that costs:
The Carta pricing problem
Carta gates SCIM provisioning behind premium plans, forcing significant cost increases for basic user management.
Tier comparison
| Plan | Price | SSO | SCIM |
|---|---|---|---|
| Launch | $280/year (25 stakeholders) | ||
| Starter | $2,800/year (50 stakeholders) | ||
| Growth | $6,000-$16,000/year (100-200 stakeholders) | ||
| Scale | $67,200-$112,000/year (500+ stakeholders) | ||
| Enterprise | Custom pricing |
Pricing structure
| Plan | Price | SSO | SCIM |
|---|---|---|---|
| Launch | $280/year (25 stakeholders) | ||
| Starter | $2,800/year (50 stakeholders) | ||
| Growth | $6,000-$16,000/year (100-200 stakeholders) | ||
| Scale | $67,200-$112,000/year (500+ stakeholders) | ||
| Enterprise | Custom pricing |
What this means in practice
For a company with 100 stakeholders on Growth ($16,000/year), adding SSO requires upgrading to Scale at $67,200/year minimum - a 320% price increase just to enable basic identity management.
The stakeholder threshold creates an artificial floor: even if you only need SSO for 10 administrators, you're paying for 500+ stakeholder capacity because that's where SSO becomes available.
Additional constraints
Summary of challenges
- Carta does not provide native SCIM at any price tier
- Organizations must rely on third-party tools or manual provisioning
- Our research shows teams manually provisioning this app spend significant hidden costs annually
What Carta actually offers for identity
SAML SSO (Scale plan required)
Carta supports federated SSO starting at the Scale plan ($67,200-$112,000/year):
| Setting | Details |
|---|---|
| Protocol | SAML 2.0, OIDC |
| Supported IdPs | Okta, Azure AD, Rippling, generic SAML/OIDC |
| JIT Provisioning | ✓ Yes |
| SP-initiated | ✓ Yes |
| IdP-initiated | ✓ Yes |
| User requirement | JIT creates accounts automatically |
SCIM Provisioning (Okta only)
User provisioning is available through Okta's official integration:
| Feature | Supported? |
|---|---|
| Create users | ✓ Yes |
| Update users | ✓ Yes |
| Deactivate users | ✓ Yes |
| Group push | ✓ Yes (Group Linking) |
| Attribute writeback | ✓ Yes |
| Schema discovery | ✓ Yes |
Major limitation: SCIM provisioning only works with Okta. Teams using Azure AD, Google Workspace, or OneLogin get SSO but no automated provisioning.
What's missing for multi-IdP environments
The Scale plan pricing ($67K-$112K annually) includes extensive equity management features like 409A valuations, advanced reporting, and multi-entity support. For IT teams that simply need SCIM across multiple identity providers, roughly 90% of these features are irrelevant to access management needs.
More critically, Carta's SCIM connector only works with Okta, leaving Azure AD and Google Workspace customers without automated user lifecycle management despite paying enterprise-tier pricing.
What IT admins are saying
Community sentiment on Carta's provisioning reveals frustration with plan restrictions and limited automation:
- Scale plan required for SSO, forcing costly upgrades just for basic identity features
- SCIM provisioning only available through Okta connector, excluding other identity providers
- Enterprise features require custom pricing conversations with no transparent costs
- Manual user management persists despite premium pricing
SSO for company admins on Scale plan
Enterprise pricing not transparent
The recurring theme
Carta gates essential identity management features behind expensive plans, forcing organizations to pay $67K+ annually or manage users manually. Even then, SCIM provisioning is limited to Okta users only.
The decision
| Your Situation | Recommendation |
|---|---|
| Small startup (<25 stakeholders) | Manual management acceptable on Launch plan |
| Growing company with basic SSO needs | Upgrade to Scale plan for native SSO |
| Enterprise using Okta for provisioning | Use Okta's SCIM connector if already invested |
| Multi-IdP environment or non-Okta users | Use Stitchflow: works with any IdP at predictable cost |
| Scale plan budget concerns ($67K+ annually) | Use Stitchflow: build complete workflows across every app in less than a week (~2 hours of your time). |
The bottom line
Carta offers SCIM provisioning through Okta's connector, but only after committing to their expensive Scale plan ($67K+ annually). For equity management teams that need provisioning automation without the hefty price tag or Okta lock-in, Stitchflow delivers the same automation capabilities at a fraction of the cost.
Make Carta workflows AI-native
Carta has no native SCIM. We build complete offboarding, user access reviews, and license workflows across every app, including the ones without APIs.
Technical specifications
SCIM Version
Not specifiedSupported Operations
Not specifiedSupported Attributes
Plan requirement
Not specifiedPrerequisites
Not specifiedKey limitations
- SSO only available on Scale plan
- SCIM provisioning via Okta connector
- Enterprise SSO/SCIM features require contacting vendor
Documentation not available.
Configuration for Okta
Integration type
Okta Integration Network (OIN) app
Where to enable
Docs
Enterprise required for SCIM
Use Stitchflow for automated provisioning.
Unlock SCIM for
Carta
Carta has no native SCIM. We still automate end-to-end workflows across every app, including the ones without APIs.
See how it works
