How can we customize SCIM query filter in Azure?

Ashish Vishwakarma 1 Reputation point

Azure is using userName to apply filter. Can anyone suggest if there is any way to customize this filter? I want to use userName + externalId to be passed in the filter as parameter.132255-zn3og.png

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,186 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Danny Zollner 9,541 Reputation points Microsoft Employee

    Taking my response from your Stack Overflow post with the same question :)

    Attributes set as matching properties in the mappings will be used sequentially to try to identify a match. For example, with userPrincipalName -> userName as matching precedence 1 and objectId -> externalId as matching precedence 2, Azure AD Provisioning would do a GET /Users?filter=userName eq "user@keyman .com". If that filtered GET returns zero results, then a GET /Users?filter=externalId eq "GuidValue" would be performed. If both came back with zero results, a POST will be used to create a user, otherwise if one result is found from either of those filtered GET calls, the objects will be linked between systems and a PATCH will be used to update any attributes on the SCIM service's user if needed.

    There is no way to jointly call two attributes, such as /Users?filter=username eq "user@keyman .com" and externalId eq "GuidValue"

    1 person found this answer helpful.