Summary and recommendation
Dropbox Business supports SCIM 2.0 provisioning on Standard plans and above ($15/user/month), with solid integration across major identity providers including Okta, Azure AD, and Google Workspace. However, there's a critical architectural limitation: Dropbox Sign (formerly HelloSign) operates as a separate product that doesn't support SCIM at all, despite being a core part of many organizations' document workflows.
This creates a significant provisioning gap for IT teams. While your main Dropbox storage accounts can be automatically managed, any users who need access to Dropbox Sign must be manually provisioned and deprovisioned. For organizations relying on both products, this means maintaining hybrid workflows where some users are automated and others require manual intervention—exactly the kind of inconsistency that leads to compliance issues and security gaps during employee transitions.
The strategic alternative
Dropbox has native SCIM. Provisioning is only one part of the job. Offboarding, access reviews, and license cleanup still break across the rest of the stack. Stitchflow builds and maintains the IT workflows your team still runs manually, across every app, including the ones without APIs.
Quick SCIM facts
| Item | Detail |
|---|---|
| SCIM available? | Yes |
| SCIM tier required | Business |
| SSO required first? | Yes |
| SSO available? | Yes |
| SSO protocol | SAML 2.0 |
| Documentation | Official docs |
Supported identity providers
| IdP | SSO | SCIM | Notes |
|---|---|---|---|
| Okta | ✓ | ✓ | OIN app with full provisioning |
| Microsoft Entra ID | ✓ | ✓ | Gallery app with SCIM |
| Google Workspace | ✓ | JIT only | SAML SSO with just-in-time provisioning |
| OneLogin | ✓ | ✓ | Supported |
The cost of not automating
Without SCIM (or an alternative like Stitchflow), your IT team manages Dropbox accounts manually. Here's what that costs:
The Dropbox pricing problem
Dropbox gates SCIM provisioning behind premium plans, forcing significant cost increases for basic user management.
Plan Structure (Minimum 3 Users, Billed Monthly)
| Plan | Price | SSO | SCIM |
|---|---|---|---|
| Professional | $12/user/mo | | |
| Standard | $15/user/mo | | |
| Advanced | $20/user/mo | | |
| Enterprise | ~$24/user/mo | | |
Note: Annual billing provides a 20% discount. SCIM 2.0 is available through Azure AD and Google Cloud Identity integrations.
What this means in practice
Using current list prices (Professional → Standard for SCIM access):
| Team Size | Annual Upgrade Cost | Monthly Upgrade Cost |
|---|---|---|
| 25 users | +$900/year | +$75/month |
| 50 users | +$1,800/year | +$150/month |
| 100 users | +$3,600/year | +$300/month |
Calculation: $3/user difference × users × billing period
Additional constraints
Summary of challenges
- Dropbox supports SCIM but only at Business tier (~$24/user/mo)
- Google Workspace users get JIT provisioning only, not full SCIM
- Our research shows teams manually provisioning this app incur significant hidden costs annually
What the upgrade actually includes
Dropbox doesn't sell SCIM à la carte. It's bundled with the business features of the Standard plan and above:
If you need comprehensive file sharing governance, the Standard plan ($15/user/month) delivers solid value. But if you're upgrading purely for automated provisioning, roughly 60% of the business features won't apply to your use case. And the Dropbox Sign gap means you're still managing identity manually for document workflows.
Stitchflow Insight
Dropbox Sign (HelloSign) has no SCIM support despite being part of the business ecosystem. You'll manage two separate user bases.
What IT admins are saying
Community sentiment on Dropbox's fragmented SCIM support is increasingly frustrated. Common complaints:
- Dropbox Sign (HelloSign) completely lacks SCIM despite being a core business tool
- Migration headaches from deprecated Azure AD connectors to SCIM 2.0
- Feature inconsistency across Dropbox products creates operational complexity
- Having to manage multiple provisioning workflows for what feels like one platform
It's frustrating that we can automate Dropbox but still have to manually manage HelloSign users. They're the same company but feel like completely different systems.
Had to scramble to migrate our Azure connector when they deprecated the old one. Would have been nice to get more warning about the SCIM 2.0 requirement.
The recurring theme
Dropbox's product fragmentation means IT teams can't rely on consistent SCIM coverage across their file storage and document signing workflows, creating operational gaps despite paying for "unified" Dropbox Business.
The decision
| Your Situation | Recommendation |
|---|---|
| On Professional plan, need SCIM | Use Stitchflow: avoid the $15-24/user/month Standard upgrade |
| Using Dropbox Sign, need provisioning | Use Stitchflow: Dropbox Sign has no SCIM support |
| Already on Standard/Advanced/Enterprise | Use native SCIM: you're paying for it |
| Mixed Dropbox + Dropbox Sign environment | Use Stitchflow: covers both products uniformly |
| Small team, infrequent user changes | Manual may work: but watch for security gaps |
The bottom line
Dropbox has native SCIM, but the workflow still spans more than one system. Provisioning is only one part of the job.
Close the Dropbox workflow gap
Dropbox has native SCIM, but the workflow still spans more than one system. Stitchflow builds and maintains the full workflow across the rest of your stack.
Technical specifications
SCIM Version
2.0
Supported Operations
Create, Update, Deactivate, Groups
Supported Attributes
Not specified
Plan requirement
Business
Prerequisites
SSO must be configured first
Key limitations
- Dropbox Sign (HelloSign) does NOT support SCIM
- Need to migrate to new SCIM 2.0 connector for Azure AD
- SCIM functionality varies by product (Dropbox vs Dropbox Sign)
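Because Dropbox Sign sits outside SCIM, offboarding there has to be verified by reconciliation. The following is an added example, not code from this page or from Dropbox: it compares a Dropbox Sign member export against an IdP user export and lists Sign accounts with no active identity behind them. The CSV layouts, column names, and status values are assumptions, and the sample rows are constructed.

```python
import csv
import io

# Constructed sample exports. Column names and status values are assumptions,
# not a documented Dropbox Sign or IdP export format.
IDP_EXPORT = """email,status
alice@example.com,ACTIVE
bob@example.com,DEPROVISIONED
Carol@Example.com,ACTIVE
erin@example.com,SUSPENDED
"""

SIGN_EXPORT = """email,role
alice@example.com,member
BOB@example.com,admin
carol@example.com,member
dave@example.com,member
erin@example.com,member
"""

def _norm(email):
    # Exports often differ in case and padding; compare on a normalized form.
    return email.strip().lower()

def load_idp(text):
    """Map normalized email -> IdP status."""
    return {_norm(r["email"]): r["status"].strip().upper()
            for r in csv.DictReader(io.StringIO(text))}

def find_stale_sign_accounts(idp_text, sign_text):
    """Return Dropbox Sign accounts that have no ACTIVE IdP identity."""
    idp = load_idp(idp_text)
    findings = []
    for row in csv.DictReader(io.StringIO(sign_text)):
        email = _norm(row["email"])
        status = idp.get(email)
        if status == "ACTIVE":
            continue
        reason = "not in IdP" if status is None else f"IdP status {status}"
        findings.append({"email": email, "role": row["role"].strip(), "reason": reason})
    # Admins first: a leftover admin seat is the higher-risk finding.
    findings.sort(key=lambda f: (f["role"] != "admin", f["email"]))
    return findings

if __name__ == "__main__":
    for f in find_stale_sign_accounts(IDP_EXPORT, SIGN_EXPORT):
        print(f"{f['email']:<22} {f['role']:<7} {f['reason']}")
```

Running this on a schedule and after every offboarding ticket turns the manual Dropbox Sign step into something that can be audited.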
Configuration for Okta
Integration type
Okta Integration Network (OIN) app with SCIM provisioning
Prerequisite
SSO must be configured before enabling SCIM.
Where to enable
Required credentials
SCIM endpoint URL and bearer token (generated in app admin console).
Configuration steps
Enable Create Users, Update User Attributes, and Deactivate Users.
Provisioning trigger
Okta provisions based on app assignments (users or groups).
Full SCIM provisioning with group push, silent provisioning (no welcome emails), and offboarding workflows. Supports AD/LDAP sync. Granular control over deactivation actions. Schema discovery and attribute writeback supported.
Configuration for Entra ID
Integration type
Microsoft Entra Gallery app with SCIM provisioning
Prerequisite
SSO must be configured before enabling SCIM.
Where to enable
Required credentials
Tenant URL (SCIM endpoint) and Secret token (bearer token from app admin console).
Configuration steps
Set Provisioning Mode = Automatic, configure SCIM connection.
Provisioning trigger
Entra provisions based on user/group assignments to the enterprise app.
Sync behavior
Entra provisioning runs on a scheduled cycle (typically every 40 minutes).
Migrate to new SCIM 2.0 connector (old connector deprecated). Supports automatic user provisioning and group sync. Configure in Azure Portal > Enterprise Applications > Provisioning. Requires DocuSign admin with at least Cloud App Administrator role.


