Summary and recommendation
Favro supports native SCIM 2.0 provisioning, but only on its Enterprise plan at $64/month minimum (for 2+ users). This creates a significant barrier for smaller dev teams and game studios who need automated user management but can't justify the 5x price jump from Lite ($10.20/month) or the 2x jump from Standard ($25.50/month). The Enterprise requirement means you're paying for advanced features like GDPR compliance tools and timesheet reports just to get basic user provisioning.
For development teams managing project access across multiple boards and collections, manual user management becomes a serious bottleneck. SSO alone doesn't solve the core problem of ensuring developers get appropriate project permissions when they join or change teams. Without automated provisioning, new hires wait for manual setup while departing team members retain access to sensitive project data longer than necessary.
The strategic alternative
Favro gates SCIM behind Enterprise ($64/month). That can unlock provisioning, but it still does not complete the offboarding, access review, or license workflow across the rest of your stack. Stitchflow builds and maintains the IT workflows your team still runs manually, across every app, including the ones without APIs.
Quick SCIM facts
| SCIM available? | Yes |
| SCIM tier required | Custom |
| SSO required first? | Yes |
| SSO available? | Yes |
| SSO protocol | SAML 2.0 |
| Documentation | Official docs |
Supported identity providers
| IdP | SSO | SCIM | Notes |
|---|---|---|---|
| Okta | ✓ | ✓ | OIN app with full provisioning |
| Microsoft Entra ID | ✓ | ✓ | Gallery app with SCIM |
| Google Workspace | ✓ | JIT only | SAML SSO with just-in-time provisioning |
| OneLogin | ✓ | ✓ | Supported |
The cost of not automating
Without SCIM (or an alternative like Stitchflow), your IT team manages Favro accounts manually. Here's what that costs:
The Favro pricing problem
Favro gates SCIM provisioning behind premium plans, forcing significant cost increases for basic user management.
Plan Structure (Billed Monthly)
| Plan | Price | SSO | SCIM |
|---|---|---|---|
| Lite | $6/user/month | ||
| Standard | $16/user/month | ||
| Enterprise | $12.75/user/month* |
*Enterprise pricing shown is for small teams; contact sales required for 100+ users
What this means in practice
The unusual aspect of Favro's pricing is that Enterprise is actually cheaper per-user than Standard at scale, but requires jumping from basic Lite plans:
| Team Size | Upgrade from Lite | Upgrade from Standard |
|---|---|---|
| 25 users | +$2,025/year | -$975/year |
| 50 users | +$4,050/year | -$1,950/year |
| 100 users | Contact sales | Contact sales |
Calculation: (Enterprise $12.75 - Current tier) × users × 12 months
However, the real friction comes from Favro's bucket pricing model and sales requirements for larger teams.
Additional constraints
Summary of challenges
- Favro supports SCIM but only at Custom tier ($12.75/user/month or $25.50/month for 2 users (Enterprise) - contact sales for 100+ users)
- Google Workspace users get JIT provisioning only, not full SCIM
- Our research shows teams manually provisioning this app spend significant hidden costs annually
What the upgrade actually includes
Favro doesn't sell SCIM standalone. It's bundled with Enterprise features at $64/month minimum (for 5 users):
Stitchflow Insight
The Enterprise plan targets larger development teams that need comprehensive governance. If you're a small team that just wants automated user provisioning, you're paying for project management compliance features you likely won't use. We estimate ~60% of Enterprise features are irrelevant for teams that only need SCIM automation.
What IT admins are saying
Community sentiment on Favro's SCIM implementation is mixed, with appreciation for the feature set tempered by concerns about pricing and technical quirks.
- Enterprise plan requirement creates a significant price jump for smaller teams
- Azure Entra integration requires special URL parameters that aren't well documented
- Default provisioning as "Full Member" role requires custom claims configuration
- Limited community discussion suggests narrow adoption outside game development teams
The recurring theme
While Favro's SCIM works well for its target audience of development teams, the Enterprise pricing gate and technical configuration requirements create barriers for organizations that just need basic automated provisioning.
The decision
| Your Situation | Recommendation |
|---|---|
| On Lite or Standard, need SCIM | Use Stitchflow: avoid the $64/month minimum Enterprise tier |
| Small team (under 5 users) with SCIM needs | Use Stitchflow: Enterprise pricing makes native SCIM cost-prohibitive |
| Already on Enterprise plan | Use native SCIM: you're paying for it already |
| Need Enterprise features beyond SCIM | Evaluate Enterprise upgrade: SCIM comes bundled with advanced reporting |
| Low employee turnover, basic project access | Manual may work: but monitor for security gaps in board permissions |
The bottom line
Favro gates SCIM behind Enterprise ($64/month). The upgrade may unlock provisioning, but the workflow still has to complete across the rest of your stack.
Close the Favro workflow gap
Favro gates SCIM behind Enterprise ($64/month), but the bigger issue is the workflow around it. Stitchflow builds and maintains the offboarding, access review, or license workflow underneath.
Technical specifications
SCIM Version
2.0
Supported Operations
Create, Update, Deactivate, Groups
Supported Attributes
Not specifiedPlan requirement
Custom
Prerequisites
SSO must be configured first
Key limitations
- Enterprise plan required ($64/month)
- Azure Entra requires special URL parameter
- Users provisioned as Full Member by default (customizable via favroRole claim)
Configuration for Okta
Integration type
Okta Integration Network (OIN) app with SCIM provisioning
Prerequisite
SSO must be configured before enabling SCIM.
Where to enable
Required credentials
SCIM endpoint URL and bearer token (generated in app admin console).
Configuration steps
Enable Create Users, Update User Attributes, and Deactivate Users.
Provisioning trigger
Okta provisions based on app assignments (users or groups).
SAML 2.0 SSO + SCIM provisioning. Supports auto-provisioning and disabling of SAML accounts. IP whitelisting via IdP on Enterprise.
Favro gates SCIM behind Enterprise ($64/month). The upgrade may unlock provisioning, but the workflow still has to complete across the rest of your stack.
Configuration for Entra ID
Integration type
Microsoft Entra Gallery app with SCIM provisioning
Prerequisite
SSO must be configured before enabling SCIM.
Where to enable
Required credentials
Tenant URL (SCIM endpoint) and Secret token (bearer token from app admin console).
Configuration steps
Set Provisioning Mode = Automatic, configure SCIM connection.
Provisioning trigger
Entra provisions based on user/group assignments to the enterprise app.
Sync behavior
Entra provisioning runs on a scheduled cycle (typically every 40 minutes).
Azure Entra requires special URL parameter. Users provisioned as Full Member by default (customizable via favroRole claim).
Favro gates SCIM behind Enterprise ($64/month). The upgrade may unlock provisioning, but the workflow still has to complete across the rest of your stack.
Close the workflow gap in
Favro
Favro gates SCIM behind Enterprise ($64/month) plan. That can unlock provisioning, but it still does not complete the offboarding, access review, or license workflow across your stack, and it can add a 113% markup just to get there.
Start with the free gap diagnostic
