Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Softdrive SCIM Provisioning with Microsoft Entra

            Modified on Mon, 21 Jul at 7:02 AM

            Prerequisites

            • An Entra AD plan that supports custom, non-gallery applications.

            • If using a local Active Directory, it must be synced with Entra AD.

            • Do not add Softdrive from the Azure App Gallery. You must create a custom enterprise application as explained below.

            • Get a SCIM token from Softdrive by contacting support@softdrive.co.

            Step-by-Step Guide

            1. Create a custom Enterprise Application

            1. Sign in to the Microsoft Entra portal.

            2. Navigate to: ApplicationsEnterprise Applications
               

            3. Click + New application+ Create your own application

            4. Name your app (e.g., Softdrive SCIM)

            5. Select:
              "Integrate any other application you don't find in the gallery"
               

            6. Open the newly created app → go to Provisioning

            7. Click + New Configuration 

            8. Configure the following fields:
              Tenant URL:
              https://softnet.softdrive.co/api/v1/automations/scim
              Secret Token:
              Get a customized token by following this link.

            9. Click Test Connection to verify.

            10. Click Save

            2. Attribute Mapping

            ⚠️ You must successfully test the connection and save the basic configuration before editing mappings.

            Group Mappings

            1. Go to the enterprise app → ProvisioningAttribute Mappings

            2. Select: Provision Microsoft Entra ID Groups
               

            3. Set mappings accordingly (based on your organization’s needs).

            Note: Group provisioning requires a Microsoft Entra plan.

            User Mappings

            1. Go to the enterprise app → ProvisioningAttribute Mappings

            2. Select: Provision Microsoft Entra ID Users
               

            3. Set the following mappings




            3. Provisioning Logic


            a. Add Users & Groups

            • Go to the app → Users and groups+ Add User / Group
               

            • Only direct members are provisioned.

            • Nested group members are not synced.

            b. Testing

            • Use Provision on Demand to test individual user provisioning.

            • Group provisioning cannot be tested using this method.

            c. Enable Automatic Provisioning

            • Go to:
              Enterprise Application → your app → ProvisioningOverviewStart Provisioning

               

            • Entra syncs automatically every ~40 minutes. (This interval is fixed.)

            4. User Deactivation & Deletion

            ScenarioResult in Softdrive
            User removed from scope or soft-deletedDeleted
            User permanently deleted in Entra ADDeleted
            Group removed from scope or deleted in EntraUsers from that group deleted
            Group permanently deleted in Entra ADUsers from that group deleted


            5. Limitations & Notes

            • User type changes must be handled manually or via custom attributes.

            • Group owners are not supported.

            • Use service accounts for SCIM token generation to avoid disruption.

            • SCIM sync is one-way only: changes in Softdrive do not sync back to Microsoft Entra.






            Preview
            0 of 0