Partner-driven provisioning integrations

The Azure Active Directory Provisioning service allows you to provision users and groups into both SaaS and on-premises applications. There are four integration paths:

Option 1 - Azure AD Application Gallery: Popular third party applications, such as Dropbox, Snowflake, and Workplace by Facebook, are made available for customers through the Azure AD application gallery. New applications can easily be onboarded to the gallery using the application network portal.

Option 2 - Implement a SCIM compliant API for your application: If your line-of-business application supports the SCIM standard, it can easily be integrated with the Azure AD SCIM client.

Diagram showing implementation of a SCIM compliant API for your application.

Option 3 - Use Microsoft Graph: Many new applications use Microsoft Graph to retrieve users, groups and other resources from Azure Active Directory. You can learn more about what scenarios to use SCIM and Graph in.

Option 4 - Use partner-driven connectors: In cases where an application doesn't support SCIM, partners have built gateways between the Azure AD SCIM client and target applications. This document serves as a place for partners to attest to integrations that are compatible with Azure Active Directory, and for customers to discover these partner-driven integrations. These gateways are built, maintained, and owned by the third-party vendor.

Diagram showing gateways between the Azure AD SCIM client and target applications.

Available partner-driven integrations

The descriptions and lists of applications below are provided by the partners themselves. You can use the lists of applications supported to identify a partner that you may want to contact and learn more about.

IDMWORKS

Description

We Are Experts In Identity & Access Management and Data Center Management. The Azure AD platform integrates with IDMWORKS IdentityForge (IDF) Gateway for user lifecycle management for Mainframe systems (RACF, Top Secret, ACF2), Midrange system (AS400), Healthcare applications (EPIC/Cerner), Linux/Unix servers, Databases, and dozens of on-premises and cloud applications. IdentityForge provides a central, standardized integration engine and modern identity store that serves as a trusted source for all lifecycle management. The IDF Gateway for Azure AD provides lifecycle management for import sources and provisioning target systems that are not covered by the Azure AD connector portfolio like Mainframe systems (RACF, Top Secret, ACF2) or Healthcare applications (EPIC/Cerner). The IDF Gateway powers Azure AD identity lifecycle management (LCM) to continuously synchronize user account information from Mainframe/Healthcare sources and to automate the account provisioning lifecycle use cases like create, read (import), update, deactivate, delete user accounts and perform group management.

Contact information

Leading provider of Mainframe, Healthcare and ERP integrations. More can be found at https://www.idmworks.com/identity-forge/

  • IBM RACF
  • CA Top Secret
  • CA ACF2
  • IBM i (AS/400)
  • HP NonStop
  • EPIC
  • SAP ECC

UNIFY Solutions

Description

UNIFY Solutions is the leading provider of Identity, Access, Security and Governance solutions.

Contact information

  • Aurion People & Payroll
  • Frontier Software chris21
  • TechnologyOne HR
  • Ascender HCM
  • Fusion5 EmpowerHR
  • SAP ERP Human Capital Management

How-to add partner-driven integrations to this document

If you have built a SCIM Gateway and would like to add it to this list, follow the steps below.

  1. Review the Azure AD SCIM documentation to understand the Azure AD SCIM implementation.
  2. Test compatibility between the Azure AD SCIM client and your SCIM gateway.
  3. Click the pencil at the top of this document to edit the article
  4. Once you're redirected to GitHub, click the pencil at the top of the article to start making changes
  5. Make changes in the article using the Markdown language and create a pull request. Make sure to provide a description for the pull request.
  6. An admin of the repository will review and merge your changes so that others can view them.

Guidelines

  • Add any new partners in alphabetical order.
  • Limit your entries to 500 words.
  • Ensure that you provide contact information for customers to learn more.
  • To avoid duplication, only include applications that don't already have out of the box provisioning connectors in the Azure AD application gallery.

Disclaimer

For independent software vendors: The Microsoft Azure Active Directory Application Gallery Terms & Conditions, excluding Sections 2–4, apply to this Partner-Driven Integrations Catalog (https://aka.ms/PartnerDrivenProvisioning, the “Integrations Catalog”). References to the “Gallery” shall be read as the “Integrations Catalog” and references to an “App” shall be read as “Integration”.

If you don't agree with these terms, you shouldn't submit your Integration for listing in the Integrations Catalog. If you submit an Integration to the Integrations Catalog, you agree that you or the entity you represent (“YOU” or “YOUR”) is bound by these terms.

Microsoft reserves the right to accept or reject your proposed Integration in its sole discretion and reserves the right to determine the manner in which Apps are presented, promoted, or featured in this Integrations Catalog.