Summary and recommendation
Precoro, the procurement management platform, does not support SCIM provisioning on any plan. While Precoro offers SAML 2.0 SSO integration with identity providers like Okta and Microsoft Entra ID, this only handles authentication, not user lifecycle management. Users must be manually created in Precoro before they can leverage SSO authentication, and critical user management tasks like offboarding remain manual processes—disabling a user in your IdP prevents login but doesn't remove the user from Precoro or revoke their access to sensitive procurement data.
This creates a significant operational gap for IT teams managing procurement access. Without automated provisioning, onboarding new employees requires manual user creation in Precoro, while offboarding terminated employees leaves their accounts active with access to purchase orders, vendor information, and financial data. Email address changes in the IdP aren't synchronized, breaking the SSO connection and forcing manual intervention. For organizations using Precoro to manage thousands or millions in procurement spend, this manual user management creates compliance risks and administrative overhead.
The strategic alternative
Precoro has no native SCIM. Automate offboarding, user access reviews, and license workflows across every app, including the ones without APIs. We maintain the integration layer underneath. You focus on judgment, not plumbing.
Quick SCIM facts
| SCIM available? | No |
| SCIM tier required | N/A |
| SSO required first? | No |
| SSO available? | Yes |
| SSO protocol | SAML 2.0 |
| Documentation | Not available |
Supported identity providers
| IdP | SSO | SCIM | Notes |
|---|---|---|---|
| Okta | ✓ | ❌ | No OIN listing but Precoro documents SAML SSO setup with Okta. SSO only - no user provisioning. |
| Microsoft Entra ID | ✓ | ❌ | SAML SSO supported with Microsoft Entra ID. No SCIM provisioning - users must be created manually in Precoro. |
| Google Workspace | Via third-party | ❌ | No native support |
| OneLogin | Via third-party | ❌ | No native support |
The cost of not automating
Without SCIM (or an alternative like Stitchflow), your IT team manages Precoro accounts manually. Here's what that costs:
The Precoro pricing problem
Precoro gates SCIM provisioning behind premium plans, forcing significant cost increases for basic user management.
Tier comparison
| Plan | Price | SSO | SCIM |
|---|---|---|---|
| Pro (Core) | $499/mo | ||
| Business (Automation) | $999/mo | ||
| Enterprise | Custom |
Pricing structure
| Plan | Price | SSO | SCIM |
|---|---|---|---|
| Pro (Core) | $499/mo | ||
| Business (Automation) | $999/mo | ||
| Enterprise | Custom |
What this means in practice
Manual user management across all plans
Real administrative burden
Additional constraints
Summary of challenges
- Precoro does not provide native SCIM at any price tier
- Organizations must rely on third-party tools or manual provisioning
- Our research shows teams manually provisioning this app spend significant hidden costs annually
What Precoro actually offers for identity
SAML SSO (All plans)
Precoro supports SAML 2.0 SSO integration across all pricing tiers:
| Setting | Details |
|---|---|
| Protocol | SAML 2.0 |
| Supported IdPs | Okta, Microsoft Entra, Keycloak, JumpCloud, CyberArk |
| Configuration | Manual SAML setup with IdP metadata |
| User requirement | Accounts must be created manually in Precoro first |
Critical limitation: Precoro's SSO is authentication-only. Users must be manually created in Precoro before they can authenticate via SAML, and disabling a user in your IdP only prevents login - it doesn't remove them from Precoro.
What's missing for user lifecycle management
| User Management Task | Precoro Support |
|---|---|
| Create users automatically | ❌ No |
| Update user attributes | ❌ No |
| Sync email changes | ❌ No |
| Deactivate users | ❌ No |
| Group/role assignment | ❌ No |
| SCIM provisioning | ❌ No |
Translation: You get federated login, but zero automation for user provisioning, updates, or deprovisioning. IT admins still handle all user lifecycle tasks manually in Precoro, regardless of which plan they're on.
The gap between SSO-only authentication and actual user lifecycle management means most teams end up with orphaned accounts and manual user management overhead.
What IT admins are saying
Precoro's lack of automated provisioning creates operational overhead for IT teams managing procurement access:
- Manual user creation required even with SSO configured
- User lifecycle management completely disconnected from identity provider
- Email changes in IdP don't sync to Precoro accounts
- Disabled users in IdP can still appear active in Precoro system
SAML SSO supported with Microsoft Entra ID. No SCIM provisioning - users must be created manually in Precoro.
Disabling user in IdP prevents login but doesn't remove user from Precoro
The recurring theme
IT teams must maintain dual user management - once in their identity provider and again manually in Precoro. This creates compliance gaps and administrative burden, especially problematic for procurement systems handling financial approvals and vendor relationships.
The decision
| Your Situation | Recommendation |
|---|---|
| Small procurement team (<10 users) | Manual user management with SSO for authentication |
| Stable finance team with infrequent changes | Manual management acceptable if users rarely change |
| Growing organization (25+ users) | Use Stitchflow: manual creation becomes time-consuming |
| Multi-department procurement rollout | Use Stitchflow: automation essential for scaling |
| Enterprise with compliance requirements | Use Stitchflow: audit trail and automated deprovisioning required |
The bottom line
Precoro offers solid procurement functionality with SAML SSO, but zero provisioning automation—every user must be manually created and managed. For organizations scaling their procurement processes or requiring automated user lifecycle management, Stitchflow eliminates the manual overhead while maintaining full audit compliance.
Make Precoro workflows AI-native
Precoro has no native SCIM. We build complete offboarding, user access reviews, and license workflows across every app, including the ones without APIs.
Technical specifications
SCIM Version
Not specifiedSupported Operations
Not specifiedSupported Attributes
Plan requirement
Not specifiedPrerequisites
Not specifiedKey limitations
- No SCIM provisioning - user creation must be done manually in Precoro
- SSO only handles authentication, not user lifecycle management
- Supports SAML 2.0 with Okta, Entra, Keycloak, JumpCloud, CyberArk
- Disabling user in IdP prevents login but doesn't remove user from Precoro
- Email changes in IdP are not synced to Precoro
Documentation not available.
Configuration for Entra ID
Integration type
Microsoft Entra Gallery app
Where to enable
SAML SSO supported with Microsoft Entra ID. No SCIM provisioning - users must be created manually in Precoro.
Use Stitchflow for automated provisioning.
Unlock SCIM for
Precoro
Precoro has no native SCIM. We still automate end-to-end workflows across every app, including the ones without APIs.
See how it works
