Summary and recommendation
Mailjet, the email delivery platform, does not support SCIM provisioning on any plan. While Mailjet offers SAML 2.0 SSO integration on Premium 100k+ and Custom plans, this only handles authentication for existing users—not user lifecycle management. IT teams must manually create, update, and deactivate user accounts in Mailjet, creating significant operational overhead for organizations managing email marketing teams and developers across multiple projects.
This gap between authentication and provisioning creates real compliance risks. Without automated deprovisioning, former employees retain access to email campaigns, subscriber lists, and API keys until someone manually removes them. For organizations using Mailjet to send transactional emails or manage customer communications, this manual process violates basic access management principles and creates potential data exposure.
The strategic alternative
Mailjet has no native SCIM. Automate offboarding, user access reviews, and license workflows across every app, including the ones without APIs. We maintain the integration layer underneath. You focus on judgment, not plumbing.
Quick SCIM facts
| SCIM available? | No |
| SCIM tier required | N/A |
| SSO required first? | No |
| SSO available? | Yes |
| SSO protocol | SAML 2.0 |
| Documentation | Not available |
Supported identity providers
| IdP | SSO | SCIM | Notes |
|---|---|---|---|
| Okta | Via third-party | ❌ | SSO via SAML 2.0 available on Premium plans. No SCIM provisioning documented. Domain verification required via TXT record. |
| Microsoft Entra ID | Via third-party | ❌ | SSO via SAML 2.0 supported using Azure AD as IdP on Premium plans. No SCIM provisioning documented. |
| Google Workspace | Via third-party | ❌ | No native support |
| OneLogin | Via third-party | ❌ | No native support |
The cost of not automating
Without SCIM (or an alternative like Stitchflow), your IT team manages Mailjet accounts manually. Here's what that costs:
The Mailjet pricing problem
Mailjet gates SCIM provisioning behind premium plans, forcing significant cost increases for basic user management.
Tier comparison
| Plan | Price | SSO | SCIM |
|---|---|---|---|
| Free | $0/month | ||
| Essential | $17/month | ||
| Premium | $27-470/month | ||
| Custom/Enterprise | Quote required |
Pricing and provisioning structure
| Plan | Price | SSO | SCIM |
|---|---|---|---|
| Free | $0/month | ||
| Essential | $17/month | ||
| Premium | $27-470/month | ||
| Custom/Enterprise | Quote required |
What this means in practice
For smaller email teams: If you're sending under 100k emails monthly on Premium ($27/month), you can't use SSO at all. You'll need to upgrade to Premium 100k+ (starting at $280/month) just to get SAML authentication - a 10x cost increase purely for SSO access.
For all teams: Even with enterprise pricing, there's no automated user provisioning. Every new developer, marketer, or operations team member requires manual account creation, role assignment, and offboarding management.
Additional constraints
Summary of challenges
- Mailjet does not provide native SCIM at any price tier
- Organizations must rely on third-party tools or manual provisioning
- Our research shows teams manually provisioning this app spend significant hidden costs annually
What Mailjet actually offers for identity
SAML SSO (Premium 100k+ or Custom plans only)
Mailjet provides basic SAML 2.0 single sign-on integration, but only on their highest-tier plans:
| Setting | Details |
|---|---|
| Protocol | SAML 2.0 |
| Supported IdPs | Any SAML 2.0 compliant provider (Okta, Entra ID, OneLogin) |
| Configuration | Manual setup via IdP metadata exchange |
| Domain verification | Required via DNS TXT record |
| User requirement | Manual user creation - no JIT provisioning |
Critical limitations:
No SCIM Provisioning
Mailjet has zero documented SCIM support:
| Feature | Supported? |
|---|---|
| Create users | ❌ No |
| Update user attributes | ❌ No |
| Deactivate users | ❌ No |
| Group management | ❌ No |
| Automated provisioning | ❌ No |
This means all user lifecycle management is completely manual - creating accounts, updating permissions, and removing access when people leave your organization.
The Real Problem
For email delivery platforms, manual user management creates operational overhead and security gaps. When developers or marketing team members need Mailjet access, IT has to manually create accounts. When they leave, manual deprovisioning is required to maintain security.
The Premium 100k+ pricing requirement means you're paying for high-volume email capacity just to get basic SSO - not practical for teams that need identity management without massive email volumes.
What IT admins are saying
Mailjet's limited enterprise identity features create challenges for IT teams managing email marketing infrastructure:
- No SCIM provisioning means manual user management for all team changes
- SSO requires upgrading to Premium 100k+ plan ($470+/month), forcing costly overprovisioning
- Cannot use SSO and 2FA simultaneously - security teams must choose between authentication methods
- Domain verification via TXT records adds deployment complexity
SAML 2.0 SSO with any compliant IdP. Domain verification required. Only admins can enable. SSO and 2FA are mutually exclusive.
User management is completely manual since there's no SCIM support documented anywhere.
The recurring theme
Marketing teams want Mailjet for email delivery, but IT teams face expensive SSO requirements and zero automation for user lifecycle management. Every joiner, mover, or leaver requires manual intervention.
The decision
| Your Situation | Recommendation |
|---|---|
| Small marketing team (<10 users) | Manual management is acceptable |
| Email campaigns with stable team | Manual management with domain SSO if budget allows |
| Growing marketing organization (25+ users) | Use Stitchflow: no native SCIM available |
| Enterprise with compliance requirements | Use Stitchflow: automation essential for audit trail |
| Multiple brands/subsidiaries using email | Use Stitchflow: automation strongly recommended |
The bottom line
Mailjet offers solid email delivery capabilities but lacks any SCIM provisioning support, and even SAML SSO requires expensive Premium 100k+ plans. For marketing teams that need user provisioning automation without the premium tier costs, Stitchflow provides the missing automation layer.
Make Mailjet workflows AI-native
Mailjet has no native SCIM. We build complete offboarding, user access reviews, and license workflows across every app, including the ones without APIs.
Technical specifications
SCIM Version
Not specifiedSupported Operations
Not specifiedSupported Attributes
Plan requirement
Not specifiedPrerequisites
Not specifiedKey limitations
- SSO requires Premium 100k+ or Custom plan
- No SCIM provisioning documented
- Cannot use SSO and 2FA simultaneously
- Domain verification required via TXT record
Documentation not available.
Configuration for Okta
Integration type
Okta Integration Network (OIN) app
Where to enable
Docs
SSO via SAML 2.0 available on Premium plans. No SCIM provisioning documented. Domain verification required via TXT record.
Use Stitchflow for automated provisioning.
Unlock SCIM for
Mailjet
Mailjet has no native SCIM. We still automate end-to-end workflows across every app, including the ones without APIs.
See how it works
