Summary and recommendation
Criteria, the pre-employment assessment platform, does not support SCIM provisioning on any plan. While Criteria offers SSO integration through Okta (using SWA) and basic SSO endpoints for other identity providers, there is no automated user provisioning capability. This creates a significant operational challenge for IT teams managing candidate assessment workflows, as user accounts must be manually created and managed in Criteria's system even when SSO is configured.
The lack of provisioning automation is particularly problematic for organizations conducting high-volume hiring, where hundreds or thousands of candidate assessments may be processed monthly. Without SCIM, IT teams face manual account creation bottlenecks, potential security gaps from orphaned accounts, and compliance challenges when audit trails require complete user lifecycle visibility across all systems - including assessment platforms that handle sensitive candidate data.
The strategic alternative
Criteria has no native SCIM. Automate offboarding, user access reviews, and license workflows across every app, including the ones without APIs. We maintain the integration layer underneath. You focus on judgment, not plumbing.
Quick SCIM facts
| SCIM available? | No |
| SCIM tier required | N/A |
| SSO required first? | No |
| SSO available? | Yes |
| SSO protocol | SAML 2.0 |
| Documentation | Not available |
Supported identity providers
| IdP | SSO | SCIM | Notes |
|---|---|---|---|
| Okta | ✓ | ❌ | Criteria HireSelect integration uses SWA for sign-on. Supports Schema Discovery and Attribute Writeback but no automated user provisioning. |
| Microsoft Entra ID | Via third-party | ❌ | No Criteria Corp provisioning tutorial in Microsoft Entra gallery. SSO endpoint exists at hireselect.criteriacorp.com/SSO. |
| Google Workspace | Via third-party | ❌ | No native support |
| OneLogin | Via third-party | ❌ | No native support |
The cost of not automating
Without SCIM (or an alternative like Stitchflow), your IT team manages Criteria accounts manually. Here's what that costs:
The Criteria pricing problem
Criteria gates SCIM provisioning behind premium plans, forcing significant cost increases for basic user management.
Tier comparison
| Plan | Price | SSO | SCIM |
|---|---|---|---|
| Professional | From $1,200/year | ||
| Enterprise | Custom (avg ~$32,000/year) |
Pricing structure
| Plan | Price | SSO | SCIM |
|---|---|---|---|
| Professional | From $1,200/year | ||
| Enterprise | Custom (avg ~$32,000/year) |
Market data on Criteria costs
What this means in practice
Without SCIM provisioning, IT teams face manual user management at scale. For organizations conducting high-volume assessments:
Additional constraints
Summary of challenges
- Criteria does not provide native SCIM at any price tier
- Organizations must rely on third-party tools or manual provisioning
- Our research shows teams manually provisioning this app spend significant hidden costs annually
What Criteria actually offers for identity
SSO Support (Enterprise pricing)
Criteria provides basic SSO integration for their HireSelect pre-employment assessment platform:
| Feature | Details |
|---|---|
| Protocol | SAML 2.0 |
| Supported IdPs | Custom SAML providers |
| Configuration | SSO endpoint: hireselect.criteriacorp.com/SSO |
| User requirement | Manual account creation required |
Critical limitation: Criteria's SSO is designed for candidate assessment workflows, not employee identity management. No automated user provisioning exists.
Okta Integration (via OIN)
The official Okta Integration Network listing for Criteria HireSelect shows:
| Feature | Supported? |
|---|---|
| SAML SSO | ❌ No |
| OIDC SSO | ❌ No |
| SWA (password vaulting) | ✓ Yes |
| Create users | ❌ No |
| Update users | ❌ No |
| Deactivate users | ❌ No |
| Group push | ❌ No |
| Schema Discovery | ✓ Yes |
| Attribute Writeback | ✓ Yes |
Translation: The Okta integration only provides password vaulting (SWA) plus basic attribute handling. No automated provisioning capabilities exist.
Microsoft Entra Integration
| Feature | Supported? |
|---|---|
| Gallery app | ❌ No |
| SAML SSO | ❌ No |
| OIDC SSO | ❌ No |
| SCIM provisioning | ❌ No |
No Microsoft Entra integration tutorial exists in their app gallery.
Bottom line: Criteria offers extremely limited identity features focused on candidate assessment workflows rather than employee provisioning. At $32,000/year average Enterprise pricing, you're paying premium rates for a platform that requires manual user management and lacks any automated provisioning capabilities.
What IT admins are saying
Criteria's lack of automated provisioning forces IT teams into manual account management for their pre-employment assessment platform:
- Manual user creation required even with SSO configured
- No automated deprovisioning when employees leave HR teams
- Enterprise pricing barrier ($32K average) for basic SSO functionality
- Limited integration options beyond Okta's basic SWA connection
Criteria HireSelect integration uses SWA for sign-on... no automated user provisioning.
User accounts must be manually managed in Criteria's platform regardless of your identity provider setup.
The recurring theme
HR teams end up managing Criteria access outside of centralized identity management, creating security gaps and administrative overhead when staff turnover occurs in recruiting departments.
The decision
| Your Situation | Recommendation |
|---|---|
| Small HR team managing <20 candidates at a time | Manual user management is workable |
| Occasional assessment campaigns with stable admin team | Manual management with Enterprise SSO for security |
| High-volume recruiting (100+ assessments/month) | Use Stitchflow: automation essential for candidate lifecycle |
| Multiple hiring managers across departments | Use Stitchflow: automated role-based access critical |
| Enterprise with compliance requirements | Use Stitchflow: automated audit trail for assessment access |
The bottom line
Criteria Corp offers powerful pre-employment assessments but zero provisioning automation—even their Enterprise plan requires manual user management. For organizations running high-volume recruiting or managing complex hiring workflows, Stitchflow delivers the automated user lifecycle management that Criteria Corp simply doesn't provide.
Make Criteria workflows AI-native
Criteria has no native SCIM. We build complete offboarding, user access reviews, and license workflows across every app, including the ones without APIs.
Technical specifications
SCIM Version
Not specifiedSupported Operations
Not specifiedSupported Attributes
Plan requirement
Not specifiedPrerequisites
Not specifiedKey limitations
- No native SCIM provisioning support
- Okta integration is SSO (SWA) only, no automated provisioning
- Pre-employment assessment platform - users typically candidates, not employees
- Enterprise SSO available per security documentation
Documentation not available.
Configuration for Okta
Integration type
Okta Integration Network (OIN) app
Where to enable
Docs
Criteria HireSelect integration uses SWA for sign-on. Supports Schema Discovery and Attribute Writeback but no automated user provisioning.
Use Stitchflow for automated provisioning.
Unlock SCIM for
Criteria
Criteria has no native SCIM. We still automate end-to-end workflows across every app, including the ones without APIs.
See how it works
