How to ensure we are providing access to only group of users to the respective business app using Automatic provisioning or via SCIM? How can we do that?

Vinod Survase 4,736 Reputation points
2024-02-21T05:40:29.5566667+00:00

How to ensure we are providing access to only group of users to the respective business app using Automatic provisioning or via SCIM? How can we do that? I do see that there is "Self Service" option but it is really based on the users action where they need request access and then we can target the group where they should be landed after access request approved by respective app owners/IT admin but I was looking for other different options on this. Also I believe there is way by using groups as well but it would be depend on the respective applications.

Microsoft 365
Microsoft 365
Formerly Office 365, is a line of subscription services offered by Microsoft which adds to and includes the Microsoft Office product line.
4,738 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,372 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Danny Zollner 10,056 Reputation points Microsoft Employee
    2024-02-21T16:07:28.22+00:00

    The most basic option of course is for group memberships to be managed via IT admins directly, but that isn't scalable. You identified another option, self-service group management, but there are others such as assigning owners to a group (who then can manage memberships), or dynamic groups. https://learn.microsoft.com/en-us/entra/fundamentals/how-to-manage-groups https://learn.microsoft.com/en-us/entra/identity/users/groups-self-service-management I'm not sure if there were other questions - please clarify if so.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.