Azure AD SCIM Employee Provisioning
Table of contents
1. Prerequisites
2. SCIM Attributes support by myPolicies
3. SCIM Endpoint URL
4. Authentication Requirements
5. Provisioning Limitations
6. Test Account Access
1. Prerequisites
An Azure subscription with a trial or licensed version of Entra ID, Azure AD Premium
2. SCIM Attributes support by myPolicies
SCIM 2.0 Core Schema
- UserName (required and must be unique)
- ExternalId/External_Id (required and must be unique)
- active
- password
- name
- familyName
- givenName
- formatted
- Emails (required and must be unique) (Target Attribute: emails[type eq "primary"].value)
- primary: true
- value
- type
- addresses
- primary: true
- country
- displayName
SCIM 2.0 Extension Enterprise 1.0
- employeeNumber
- costCenter
- organization
- division
- department
- manager
- displayName
urn:ietf:params:scim:schemas:core:2.0:myp:custom
- countryCode
SCIM Operations Supported
- Create
- Update
- Patch (We accept replace and add but we do not support remove at this time)
- Delete
3. SCIM Endpoint URL
myPolicies endpoints are tenant specific.
https://<your - tenant>.mypolicies.com/scim/v2
in some setups the /v2 has to be removed. i.e. https://<your-tenant>.mypolicies.com/scim
4. Authentication Requirements
Our SCIM API requires a Bearer token that is supplied by myPolicies upon request.
5. Provisioning Limitations
Users are never deleted from myPolicies, accounts are disabled upon a delete request.
6. Test Account Access
A test tenant can be created upon request.
Please e-mail: support@mypolicies.com