Summary and recommendation
Fountain, the high-volume hiring platform focused on hourly workforce recruitment, does not support SCIM provisioning at all. While Fountain offers SAML SSO integration with Microsoft Entra ID (with Just-In-Time user provisioning that creates accounts on first login), there's no Okta integration and no automated user lifecycle management capabilities. This creates a significant operational burden for IT teams managing access to Fountain across recruiting teams, especially in organizations with high recruiter turnover or complex departmental hiring workflows.
The lack of proper provisioning support means IT administrators must manually create, update, and deprovision Fountain accounts for recruiting staff. Given Fountain's focus on high-volume hiring environments where recruiting teams often scale rapidly, this manual overhead becomes particularly problematic. Without automated deprovisioning, former employees retain access to sensitive candidate data and hiring workflows, creating compliance risks around data privacy and access governance.
The strategic alternative
Fountain has no native SCIM. That leaves a workflow gap in offboarding, access reviews, and license cleanup unless your team handles the app another way. Stitchflow builds and maintains the IT workflows your team still runs manually, across every app, including the ones without APIs.
Quick SCIM facts
| SCIM available? | No |
| SCIM tier required | N/A |
| SSO required first? | No |
| SSO available? | Yes |
| SSO protocol | SAML 2.0 |
| Documentation | Not available |
Supported identity providers
| IdP | SSO | SCIM | Notes |
|---|---|---|---|
| Okta | Via third-party | ❌ | No Okta OIN integration found for Fountain. |
| Microsoft Entra ID | ✓ | ❌ | Supports SSO (SP and IDP initiated) and Just-In-Time user provisioning. JIT provisioning is enabled by default - users created on first SSO login. |
| Google Workspace | Via third-party | ❌ | No native support |
| OneLogin | Via third-party | ❌ | No native support |
The cost of not automating
Without SCIM (or an alternative like Stitchflow), your IT team manages Fountain accounts manually. Here's what that costs:
The Fountain pricing problem
Fountain gates SCIM provisioning behind premium plans, forcing significant cost increases for basic user management.
Tier comparison
| Plan | Price | SSO | SCIM |
|---|---|---|---|
| Custom | Quote-based (~$10,000+/year) |
Provisioning capabilities
| Plan | Price | SSO | SCIM |
|---|---|---|---|
| Custom | Quote-based (~$10,000+/year) |
Identity provider support
What this means in practice
Without SCIM provisioning, IT teams must manually manage all user accounts in Fountain:
New hires: Users are created only when they first log in via SSO (JIT), but only if using Entra ID. No pre-provisioning of accounts or role assignments.
Role changes: No automated sync of department changes, role updates, or group memberships from your identity provider.
Offboarding: Departing employees retain access until manually deprovisioned in Fountain. No automated account suspension or access removal.
Additional constraints
Summary of challenges
- Fountain does not provide native SCIM at any price tier
- Organizations must rely on third-party tools or manual provisioning
- Our research shows teams manually provisioning this app spend significant hidden costs annually
What Fountain actually offers for identity
Microsoft Entra ID Integration
Fountain provides basic SSO integration through Microsoft Entra ID:
| Feature | Supported? |
|---|---|
| SAML SSO | ✓ Yes (SP and IdP initiated) |
| Just-In-Time provisioning | ✓ Yes (enabled by default) |
| SCIM provisioning | ❌ No |
| Group management | ❌ No |
| User deprovisioning | ❌ No |
How JIT works: When users first log in via SSO, Fountain automatically creates their account. However, this is a one-time creation event—there's no ongoing synchronization of user attributes, group memberships, or lifecycle management.
Okta Integration
Fountain has no presence in the Okta Integration Network:
| Feature | Supported? |
|---|---|
| SAML SSO | ❌ No official integration |
| OIDC SSO | ❌ No official integration |
| SCIM provisioning | ❌ No |
| Password vaulting | ❌ No |
The Reality
Fountain's identity capabilities are minimal because the platform is designed for high-volume hourly workforce hiring, not enterprise user management. The lack of SCIM provisioning means:
For IT teams managing Fountain access at scale, this creates a significant administrative burden with manual user lifecycle management.
What IT admins are saying
Fountain's focus on high-volume hourly hiring creates gaps for enterprise IT provisioning needs:
- No automated user provisioning despite enterprise pricing starting around $10K/year
- Manual account management required even with SSO configured
- Limited integration options - no Okta marketplace presence
- JIT provisioning only works on first login, doesn't handle deprovisioning
User accounts must be manually managed in Fountain even with SSO enabled. The platform focuses on candidate workflows rather than employee lifecycle management.
Fountain's enterprise pricing but lack of SCIM support means we're paying premium rates for manual provisioning processes.
The recurring theme
Fountain positions itself as an enterprise recruiting platform with premium pricing, but lacks the automated provisioning capabilities IT teams expect at that price point, forcing manual user management for a system that should integrate seamlessly with existing identity workflows.
The decision
| Your Situation | Recommendation |
|---|---|
| Small recruiting team (<10 users) managing low-volume hiring | Manual management is acceptable |
| High-volume hourly workforce hiring with stable recruiting staff | Manual management with Entra SSO and JIT provisioning |
| Enterprise HR operations (50+ users) with frequent team changes | Use Stitchflow: automation essential for scale |
| Multi-location recruiting with compliance requirements | Use Stitchflow: automation essential for audit trail |
| Using Okta or other IdPs (non-Entra environments) | Use Stitchflow: only option for automated provisioning |
The bottom line
Fountain has no native SCIM. That means one more workflow gap in offboarding, access reviews, and license cleanup unless your team handles it another way.
Close the Fountain workflow gap
Fountain is one gap in a broader workflow. Stitchflow builds and maintains the offboarding, access review, or license workflow across every app in your environment.
Technical specifications
SCIM Version
Not specifiedSupported Operations
Not specifiedSupported Attributes
Plan requirement
Not specifiedPrerequisites
Not specifiedKey limitations
- No native SCIM provisioning support
- No Okta OIN integration
- Entra ID supports SSO with JIT provisioning only
- Focused on high-volume hourly workforce, not enterprise user provisioning
Documentation not available.
Configuration for Entra ID
Integration type
Microsoft Entra Gallery app
Where to enable
Supports SSO (SP and IDP initiated) and Just-In-Time user provisioning. JIT provisioning is enabled by default - users created on first SSO login.
Use Stitchflow for automated provisioning.
Close the workflow gap in
Fountain
Fountain has no native SCIM. That leaves one more workflow gap in offboarding, access reviews, and license cleanup unless your team handles it another way.
Start with the free gap diagnostic
