Skip to main content


Eptura Knowledge Center

About SCIM provisioning for Microsoft Azure AD

About this guide

The SCIM provisioning for Microsoft Azure AD guide is for Azure Active Directory administrators who want to configure user provisioning for Condeco using Condeco SCIM API. It assumes familiarity with Azure AD, basic identity management concepts, and the SCIM standard.

The key steps are provided, however, this is not a comprehensive guide. For utilizing the full potential of SCIM, please refer to the SCIM 2.0 protocol specification

Our SCIM integration supports SCIM version 2.0 and is certified for Azure Active Directory.


The following are required:

  • Azure Active Directory
  • The following values as provided by Condeco:
    • Condeco SCIM API URL
    • Condeco SCIM Token provider URL
    • SCIM client ID
    • SCIM client secret token
    • Long-lived SCIM token generated from SCIM Token Provider (up to 10 years).

Learn how to generate a SCIM token

Supported actions

When the SCIM integration between Azure AD and Condeco is ready, the following actions performed from the Azure directory are also be applied to the users in Condeco.

Action in Azure AD Notes
Create users Condeco requires a unique username for each user. If the username already exists in Condeco, the SCIM User creation is rejected by our SCIM API.
Delete users  
Update user attributes Updates to user profiles in Azure AD are pushed to Condeco.
Add a group Adding a group creates a corresponding group in Condeco. Any group members (who exist in Condeco) are automatically mapped to the Condeco group.
Remove a group  
Update Groups attributes Group attribute ‘displayName’ can be updated.
Add/remove users to/from a group