About SCIM provisioning for Microsoft Azure AD
About this guide
The SCIM provisioning for Microsoft Azure AD guide is for Azure Active Directory administrators who want to configure user provisioning for Eptura Engage using Eptura Engage SCIM API. It assumes familiarity with Azure AD, basic identity management concepts, and the SCIM standard.
The key steps are provided, however, this is not a comprehensive guide. For utilizing the full potential of SCIM, please refer to the SCIM 2.0 protocol specification http://www.simplecloud.info/#Specification.
Our SCIM integration supports SCIM version 2.0 and is certified for Azure Active Directory.
Prerequisites
The following are required:
- Azure Active Directory
- The following values as provided by Eptura:
- Eptura Engage SCIM API URL
- Eptura Engage SCIM Token provider URL
- SCIM client ID
- SCIM client secret token
- Long-lived SCIM token generated from SCIM Token Provider (up to 10 years).
Supported actions
When the SCIM integration between Azure AD and Eptura Engage is ready, the following actions performed from the Azure directory are also be applied to the users in Condeco.
| Action in Azure AD | Notes |
|---|---|
| Create users | Eptura Engage requires a unique username for each user. If the username already exists in Eptura Engage, the SCIM User creation is rejected by our SCIM API. |
| Delete users | |
| Update user attributes | Updates to user profiles in Azure AD are pushed to Eptura Engage. |
| Add a group | Adding a group creates a corresponding group in Eptura Engage. Any group members (who exist in Eptura Engage) are automatically mapped to the Eptura Engage group. |
| Remove a group | |
| Update Groups attributes | Group attribute ‘displayName’ can be updated. |
| Add/remove users to/from a group |