@Abhijeet-MSFT is there any progress or roadmap to send e.g. DisplayName of manager - even this is not required by SCIM RFC 4.3.
SCIM user provisioning setup with manager attribute
Hello, I am trying to get the correct setup for the 'manager' attribute that comes from the SCIM protocol, enterprise user extension.
According to the SCIM protocol, this is a complex type attribute with 3 sub-attributes: 'value', '$ref', and read-only 'displayName'. But the default setup from Azure AD actually sends manager as a simple attribute:
"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:manager": "user-id".
Is there a way to get the setup that follows the SCIM specification and sends "manager" with "value" and "$ref"?
Regards
8 answers
Sort by: Most helpful
-
-
Matt Slater 1 Reputation point
2022-04-13T17:39:44.497+00:00 @Abhijeet-MSFT Raising this one for attention once again. If there is any progress on this issue, let us know.
As a SaaS software vendor, we are integrating our platform with multiple customer's Identity Providers, including Azure AD, Okta and OneLogin. When integrating with Azure AD we are having to jump through extra unneccessary hoops to get at the manager's details, which isn't necessary with other providers that conform to the RFC spec. I understand the complexities of changing things now, but the longer this takes and the more SCIM is adopted worldwide, the harder it will surely become.
Note: A workaround for us (although far from ideal) is to make an additional API call to the Customer's tenant via Graph API to lookup the manager's details at live time, when we need it.
e.g.GET https://graph.microsoft.com/v1.0/users/{userPrincipalName}/manager
-
Adrian Corston 6 Reputation points
2022-05-04T04:45:13.72+00:00 Adding my support to this request - I work on a SCIM app provisioning broker service for apps that don't have native SCIM support, and quite a few of them want the Manager's name. It would be nice not to have to source it out-of-band via Graph API calls.