Drata does not currently offer SCIM-based user provisioning. Stepwork automates Drata provisioning with 98% accuracy — no API required.
SSO exists; lifecycle not SCIM. Complexity Vector: Evidence and access live across many connected systems.
You’re right to be cautious—compliance tools still create manual work when access and evidence are spread across systems. Drata automates controls, but lifecycle and access-review configuration still takes hands-on effort, which is why teams use Stepwork to automate Drata flows with 98% accuracy without needing an API.
Drata supports OIDC sign-on. Stepwork authenticates through your existing identity provider — the same way your employees do.
No. Drata does not currently offer SCIM-based user provisioning, leaving IT teams to manage user lifecycle changes manually.
Stepwork automates Drata provisioning through interface automation — the same way a human would, but with 98% accuracy and no API required. Record the flow once, and Stepwork runs it on demand or on a schedule.
Yes. Stepwork authenticates to Drata through your existing identity provider (Okta, Microsoft Entra ID, 1Password, etc.) and completes MFA natively — including OTP, passkeys, and push notifications. No separate credentials or service accounts are needed.
The primary risk is no native scim provisioning.. Additional risks include sso setup overhead, access reviews require mapping, evidence spans many systems.. Stepwork eliminates these risks by automating the entire provisioning workflow.
See how Stepwork provisions users in Drata with 98% accuracy — in a 15-minute demo.
Book a DemoNo. Stepwork completes MFA exactly like a human user — supporting OTP, passkeys, push notifications, and other methods. It signs in through your existing identity provider and OIDC, mirroring your organization's security posture.