Prerequisites
An Entra AD plan that supports custom, non-gallery applications.
If using a local Active Directory, it must be synced with Entra AD.
Do not add Softdrive from the Azure App Gallery. You must create a custom enterprise application as explained below.
Get a SCIM token from Softdrive by contacting support@softdrive.co.
Step-by-Step Guide
1. Create a custom Enterprise Application
Sign in to the Microsoft Entra portal.
Navigate to: Applications → Enterprise Applications
Click + New application → + Create your own application
Name your app (e.g.,
Softdrive SCIM
)Select:
"Integrate any other application you don't find in the gallery"Open the newly created app → go to Provisioning
Click + New Configuration
Configure the following fields:
Tenant URL:https://softnet.softdrive.co/api/v1/automations/scim
Secret Token:
Contact support@softdrive.co to obtain your custom token.Click Test Connection to verify.
Click Save
2. Attribute Mapping
⚠️ You must successfully test the connection and save the basic configuration before editing mappings.
Group Mappings
Go to the enterprise app → Provisioning → Attribute Mappings
Select: Provision Microsoft Entra ID Groups
- Set mappings accordingly (based on your organization’s needs).
Note: Group provisioning requires a Microsoft Entra plan.
User Mappings
Go to the enterprise app → Provisioning → Attribute Mappings
Select: Provision Microsoft Entra ID Users
Set the following mappings
3. Provisioning Logic
a. Add Users & Groups
Go to the app → Users and groups → + Add User / Group
Only direct members are provisioned.
Nested group members are not synced.
b. Testing
Use Provision on Demand to test individual user provisioning.
Group provisioning cannot be tested using this method.
c. Enable Automatic Provisioning
Go to:
Enterprise Application → your app → Provisioning → Overview → Start ProvisioningEntra syncs automatically every ~40 minutes. (This interval is fixed.)
4. User Deactivation & Deletion
Scenario | Result in Softdrive |
---|---|
User removed from scope or soft-deleted | Deleted |
User permanently deleted in Entra AD | Deleted |
Group removed from scope or deleted in Entra | Users from that group deleted |
Group permanently deleted in Entra AD | Users from that group deleted |
5. Limitations & Notes
User type changes must be handled manually or via custom attributes.
Group owners are not supported.
Use service accounts for SCIM token generation to avoid disruption.
SCIM sync is one-way only: changes in Softdrive do not sync back to Microsoft Entra.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article