Summary and recommendation
Tines supports native SCIM 2.0 provisioning, but only on Enterprise plans with custom pricing. The platform requires SSO configuration as a prerequisite before enabling SCIM, and Community (free) tier users are locked out entirely from automated provisioning capabilities.
This creates a significant barrier for security teams evaluating Tines for workflow automation. Moving from Community to Enterprise purely for SCIM access forces organizations into enterprise sales cycles and custom pricing negotiations, often adding tens of thousands in annual costs. Meanwhile, manual user management in a security orchestration platform creates operational overhead and potential access control gaps—exactly what you're trying to eliminate with automation tools.
The strategic alternative
Tines gates SCIM behind Enterprise. Skip the Enterprise plan upgrade and automate complete outcomes across your stack. We maintain the integration layer underneath. You focus on judgment, not plumbing.
Quick SCIM facts
| SCIM available? | Yes |
| SCIM tier required | Enterprise |
| SSO required first? | Yes |
| SSO available? | Yes |
| SSO protocol | SAML 2.0 |
| Documentation | Not available |
Supported identity providers
| IdP | SSO | SCIM | Notes |
|---|---|---|---|
| Okta | ✓ | ✓ | OIN app with full provisioning |
| Microsoft Entra ID | ✓ | ❌ | SSO only |
| Google Workspace | ✓ | JIT only | SAML SSO with just-in-time provisioning |
| OneLogin | ✓ | ✓ | Supported |
The cost of not automating
Without SCIM (or an alternative like Stitchflow), your IT team manages Tines accounts manually. Here's what that costs:
The Tines pricing problem
Tines gates SCIM provisioning behind premium plans, forcing significant cost increases for basic user management.
Plan Structure
| Plan | Price | SSO | SCIM |
|---|---|---|---|
| Community | Free | ||
| Pro | N/A | ||
| Business | N/A | ||
| Enterprise | Custom |
Note: Pro and Business pricing details are not publicly available, but SCIM access is exclusively available in the Enterprise tier.
What this means in practice
No transparent pricing path: Unlike most SaaS tools with published tier pricing, Tines requires sales engagement and custom quotes for Enterprise access. This creates uncertainty around:
Community tier limitations: Organizations using the free Community tier face a significant jump to Enterprise for basic provisioning capabilities.
Additional constraints
Summary of challenges
- Tines supports SCIM but only at Enterprise tier (Custom)
- Google Workspace users get JIT provisioning only, not full SCIM
- Our research shows teams manually provisioning this app spend significant hidden costs annually
What the upgrade actually includes
Tines doesn't sell SCIM à la carte. It's bundled with Enterprise features that require custom pricing:
Stitchflow Insight
The Enterprise tier targets security teams at large organizations that need comprehensive SOAR (Security Orchestration, Automation and Response) capabilities. If you're a smaller team that just wants automated user provisioning for your security workflows, you're paying for enterprise security features, custom support tiers, and advanced automation tools you likely don't need. We estimate ~80% of Enterprise features are irrelevant for teams that only need SCIM provisioning.
What IT admins are saying
Community sentiment on Tines's SCIM limitations reveals mixed experiences. Common complaints:
- Enterprise tier requirement creating cost barriers for smaller security teams
- Lack of SCIM support in Microsoft Entra ID despite SSO availability
- Having to implement SSO first before accessing SCIM functionality
- Custom Enterprise pricing making budget planning difficult
We're stuck on the Community tier because Enterprise pricing is out of reach, but we really need automated user provisioning for our security workflows.
Tines works great with Okta SCIM but there's no provisioning support for Azure AD. We're a Microsoft shop so that's frustrating.
The recurring theme
SCIM availability varies dramatically by IdP, and Enterprise tier requirements create artificial barriers for teams that need automated provisioning but don't require other Enterprise features.
The decision
| Your Situation | Recommendation |
|---|---|
| On Community/Pro/Business, need SCIM | Use Stitchflow: avoid the Enterprise tier jump and custom pricing |
| Already on Enterprise with SCIM | Use native SCIM: you're paying for it |
| Using Entra ID and need provisioning | Use Stitchflow: Tines only supports Entra SSO, not provisioning |
| Need Enterprise security features beyond SCIM | Evaluate Enterprise: SCIM comes bundled with the tier |
| Small security team, low employee churn | Manual may work: but monitor for access gaps as you scale |
The bottom line
Tines gates SCIM behind Enterprise custom pricing, and only supports provisioning from Okta—leaving Entra ID customers without native options. For teams that need automated provisioning without Enterprise costs or across multiple IdPs, Stitchflow delivers SCIM-level automation at a predictable price.
Make Tines workflows AI-native
Tines gates SCIM behind Enterprise. We build complete offboarding, user access reviews, and license workflows without that SCIM Tax upgrade.
Technical specifications
SCIM Version
2.0
Supported Operations
Create, Update, Deactivate, Groups
Supported Attributes
Not specifiedPlan requirement
Enterprise
Prerequisites
SSO must be configured first
Key limitations
- Enterprise tier required for SCIM
- SSO configuration required before SCIM
- Community (free) tier has limited features
Documentation not available.
Configuration for Okta
Integration type
Okta Integration Network (OIN) app with SCIM provisioning
Prerequisite
SSO must be configured before enabling SCIM.
Where to enable
Required credentials
SCIM endpoint URL and bearer token (generated in app admin console).
Configuration steps
Enable Create Users, Update User Attributes, and Deactivate Users.
Provisioning trigger
Okta provisions based on app assignments (users or groups).
Docs
Full SCIM provisioning support
Tines gates SCIM behind Enterprise. Stitchflow automates complete workflows without that SCIM Tax upgrade.
Unlock SCIM for
Tines
Tines gates SCIM behind Enterprise plan. We automate complete offboarding and access reviews across your stack without that SCIM Tax upgrade.
See how it works
