This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(150.4, 37%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ER%3C/text%3E%3C/svg%3E)
While Azure AD SCIM client sends user creation POST request to create user object in target system, it doesn't contain the information about the group to which User is associated in Azure AD. Is there any way to enable the option to get this information during user auto provisioning using SCIM integration.
Also the groups object gets updated with member list through multiple patch requests. Is there any way to track if the user-group association in target application is up to date with all relevant groups having users added in the member list.
You need to add support for the /Groups endpoint and enable/configure that in your provisioning job in AAD. Per the SCIM spec, the "groups" attribute on the user resource is readOnly mutability and cannot be used to manipulate a user's group memberships.
@Anonymous /Groups endpoint is already configured in our scim application. And also in the AAD provisioning job, Provision Azure Active Directory Groups is enabled.
But we are looking to get the groups information with /Users endpoint. Scim provisioning job syncs users via /Users endpoint initially and then syncs groups via /Groups endpoint.
We have the need to get groups information with /Users endpoint. Please suggest if thats possible with AAD provisioning job.
As I said, this is not possible. The SCIM spec defines the "groups" attribute on the user resource (exposed via the /Users endpoint) as being readOnly. AAD Provisioning will not provide this information as the SCIM standard does not support it being provided in that way.
I just wanted to check in and see if you had any other questions or if you were able to resolve this issue?
Thank you for your time and patience throughout this issue.
If the information helped address your question, please Accept the answer. This will help us and also improve searchability for others in the community who might be researching similar information.