For custom non-gallery apps, custom headers are not supported, nor are authorization methods other than long-lived bearer tokens. Custom headers aren't (generally) supported for gallery apps either, but there are other available authorization methods. You can test by using OAuth client credentials flow on your own (Curl or any REST client) to generate an access token, which can then be added to the secret/bearer token field for the provisioning job or SCIM validator.
How to test SCIM User provisioning for non gallery applications on client credentials authorization mode?
SHIVANK AGARWAL
20
Reputation points
I am doing SCIM User Provisioning. For that I have developed SCIM APIs which supports client credentials authorization mode as well as long lived token in the form of API Key. When I was testing Azure AD SCIM Provisioning, I can see Azure supports long lived token only with Bearer prefix. And since my application was not onboarded, I was not able to test client credentials flow.
Is there a way I can test client credentials authorization flow without making my application a gallery app on Azure?
1 answer
Sort by: Most helpful
-
Danny Zollner 9,531 Reputation points Microsoft Employee
2024-05-20T17:51:08.9466667+00:00