The most basic option of course is for group memberships to be managed via IT admins directly, but that isn't scalable. You identified another option, self-service group management, but there are others such as assigning owners to a group (who then can manage memberships), or dynamic groups. https://learn.microsoft.com/en-us/entra/fundamentals/how-to-manage-groups https://learn.microsoft.com/en-us/entra/identity/users/groups-self-service-management I'm not sure if there were other questions - please clarify if so.
How to ensure we are providing access to only group of users to the respective business app using Automatic provisioning or via SCIM? How can we do that?
Vinod Survase
4,736
Reputation points
How to ensure we are providing access to only group of users to the respective business app using Automatic provisioning or via SCIM? How can we do that? I do see that there is "Self Service" option but it is really based on the users action where they need request access and then we can target the group where they should be landed after access request approved by respective app owners/IT admin but I was looking for other different options on this. Also I believe there is way by using groups as well but it would be depend on the respective applications.
1 answer
Sort by: Most helpful
-
Danny Zollner 10,056 Reputation points Microsoft Employee
2024-02-21T16:07:28.22+00:00