Azure AD SCIM provisioning - SCIM server application requirement

Question

Hi Team,

We are developing SCIM provisioning APIs for the auto user provisioning from Azure AD.

As per the test project provided in azure documentation https://learn.microsoft.com/en-us/azure/active-directory/app-provisioning/scim-validator-tutorial#use-postman-to-test-endpoints-optional , it seems SCIM endpoint needs to support query operation with all types of filters, sorting, pagination etc. Most of these requests may not be required for Azure user and groups provisioning.

Please suggest if all the sample requests provided in the postman project needs to be supported by SCIM endpoint for the gallery onboarding.
Or would it be sufficient to support the APIs required for Users and Groups provisioning.

Answer 1

This is your best reference:

https://learn.microsoft.com/en-us/azure/active-directory/app-provisioning/use-scim-to-provision-users-and-groups#understand-the-azure-ad-scim-implementation

There's a bit of drift right now between what we list in this article, what we test with the SCIM validator, additional testing that is performed when an integration is being developed by Microsoft for an Enterprise Gallery app, and the functionality of the sample SCIM server code we've previously published as open source. The requirements in the section of the documentation I linked as well as the sample web requests in the same article are both helpful references. They are not 100% of the requirements, however - so you'll want to test with the SCIM validator in addition to reviewing the documentation.