Skip to main content
Eptura Knowledge Center

Configure SCIM provisioning for Microsoft Entra ID

Configure SCIM for Eptura in Microsoft Entra ID Active Directory and view the status of the current cycle.

Before you start

The SCIM provisioning for Microsoft Entra ID guide is written for Azure Active Directory administrators configuring user provisioning for Eptura using the Eptura SCIM API. It assumes familiarity with Entra ID, basic identity management concepts, and the SCIM standard.

Learn morePrerequisites and supported actions.

How to configure SCIM for Eptura in Microsoft Entra ID

  1. Sign into the Azure portal and open Microsoft Entra ID
  1. Select Enterprise applications.
    scim prov entra 01a.png
  2. Click New application.
    scim prov entra 02a.png
  1. Click Create your own application.
    scim prov entra 03a.png
  2. Enter a name for the new application i.e. ‘EpturaScimApplication’ and select Integrate any other application you don’t find in the gallery. Click Create.
    scim prov entra 04.png
  1. From the Overview page for your new application, click Get started in the Provision User Accounts box.
    scim prov entra 05.png
  2. On the Provisioning page, click the Provisioning Mode drop-down and select Automatic then enter the Admin Credentials:
    1. Tenant URL: enter the Eptura SCIM URL i.e. https://<EPTURA-SCIM-Domain>/scim/v1/
    2. Secret Token: enter the token (provided by Eptura). Learn moreEptura SCIM API token
      scim prov entra 06.png
  3. Click Test connection and if successful, click Save to save your new application.
    scim prov entra 07.png
  4. Still on the Provisioning page, scroll down and expand the Mappings section. Click Provision Microsoft Entra ID Users
    scim prov entra 08.png
  5. The Attribute Mapping table must only contain the following customappsso attributes:

Mandatory attributes:

  • userName
  • active
  • emails[type eq “work”].value
  • name.givenName
  • name.familyName
  • externalId

Optional attributes:

  • phoneNumbers[type eq “work”].value
  • phoneNumbers[type eq “mobile”].value

Phone number values: Phone number values must follow the RFC 3966 standard. More information about phone number values is available in the SCIM API Developers Guide > Schemas or visit the Internet Engineering Task Force (IETF) RFC Editor for full details of RFC 3966:

Click Delete to delete mappings not listed above. The image shows only the required mappings.

Mappings 01.PNG
Learn moreSCIM User attributes and the associated Eptura User attributes

  1. Still on the Attribute Mapping page, click “externalId” mapping from the 'customappsso Attribute' column and change the values as follows:

Mapping type: Direct
Source attribute: objectId
Default value if null (optional): leave blank
Target attribute: externalId
Match objects using this attribute: No
Apply this mapping: Always

  1. Click OK to save the values.
  2. Click Save to save the Attribute Mappings and click Yes to confirm.
  3. Expand the Mappings section and click Provision Microsoft Entra ID Groups.
    scim prov entra 14.png
  4. Click Yes to enable Provision Azure Active Directory Groups, then click Save.
    scim prov entra 09.png
  5. The Attribute Mapping page is displayed. Edit the group attributes as follows:
    1. Click the group attribute “displayName” and change Matching precedence to 2.
      scim prov entra 10.png
    2. Click OK to save and return to the Attribute Mapping page.
    3. Click the group attribute “objectId” to open the Edit Attribute page. Click Match object using this attribute and select Yes. Check the Matching precedence value is 1.
      scim prov entra 11.png
    4. Click OK to save and return to the Attribute Mapping page.
    5. Click the group attribute “displayname” again to open the Edit Attribute page. Click Match object using this attribute and select No. Check the Matching precedence value is empty.
      scim prov entra 12.png
    6. Click OK to save and return to the Attribute Mapping page.
  6. Click Save to save the Attribute Mappings and click Yes to confirm.
  7. Click X to close Attribute Mapping and return to the Provisioning Page.
  8. Expand Settings, click the Scope drop-down list and select Sync all users and groups and set the Provisioning Status button to On.
    Note: If the Scope drop-down list is not visible, close the Provisioning page and click Edit Provisioning to reopen.
    scim prov entra 15.png
  9. Click Save to complete the SCIM application provisioning.

Current cycle status

In the Manage navigation menu select Provisioning to view the status of the current or initial incremental cycle. Use the buttons at the top to manually start or stop provisioning, and click View Provision details to check the schedule for the next run.