Managing SCIM Group entitlements in IDN?

We use KnowBe4 as a Phishing test platform.
From KnowBe4’s SCIM configuration guide, they essentially only READ from their SCIM tables, and do not write anything into it… meaning that I have to do the needful in Sailpoint IDN or viia Postman.

I can fairly easily manage adding and removing users, or assigning them to groups in IDN…
But what I can not seem to do is create new groups / add to the existing list of entitlements.

is there a way to rig up IDN to add a group into the SCIM? scim is basically JSON over REST API anyway, and I can do it by hand (postman call to POST to https://(scim host)/v2/Groups,

  "schemas": [ "urn:ietf:params:scim:schemas:core:2.0:Group" ],
  "displayName": "test",
  "members": [

I can assign users into groups via IDN
I can create/archive users via IDN
What can I do in order to add to the Groups list in a SCIM? I am very much hoping that I do not need to maintain a token in Postman and manually call the API.

You cannot manage(Create/update) groups through IdentityNow.

Thank you Chirag.

That is rather disheartening.

my Source explicitly abdicates all responsibility for user/group creation once SCIM is enabled, since “your identity provider will do that!”

IdentityNow refuses, even though there is a large “ADD” button on the entitlements page (which simply links to the Entitlement Aggregation page… its not illogical to assume that the Add button should Add)
Screen Shot 2022-05-13 at 8.09.12 AM

So, as far as I understand it then, I am forced to keep API Keys in an insecure format, and manually handle my creation via sketchy use of the SCIM / REST API.

@sholinaty can help on the account and group schema and which scim connector you used to provision users from IDN to KnowBe4