Anyone who’s tried to manage users in more than one app will tell you that every app tries to perform the same simple actions such as creating or updating users, adding users to groups, or deprovisioning users. Yet, all these simple actions are implemented just a little bit differently, using different endpoint paths, different methods to specify user information, and a different schema to represent each element of information.
To help with these challenges and to help automate provisioning and deprovisioning of applications, the SCIM (System for Cross-domain Identity Management) standard provides a common user schema to help users move into, out of, and around apps. SCIM is becoming the de-facto standard for provisioning and when used in conjunction with federation standards like SAML or OpenID Connect, provides administrators an end-to-end standards-based solution for access management.
Today we published an overview on how to design, build and test your own SCIM endpoint for your application. To learn more, read our Provisioning with SCIM – design, build, and test your SCIM endpoint blog post on the identity standards blog. Once you’ve got your SCIM endpoint up and running, you can quickly integrate it with Azure AD and leverage our SCIM reference guide to understand the Azure AD SCIM implementation.
-The Microsoft identity platform team