
SCIM 2.0 Implementation Manual for Quill

Introduction

System for Cross-domain Identity Management (SCIM) 2.0 is an open standard protocol designed to simplify cloud identity management. It automates user provisioning and deprovisioning across multiple domains, ensuring secure, seamless identity management. This document outlines how to implement and integrate SCIM 2.0 endpoints in Quill to handle user and group provisioning/deprovisioning from Microsoft Entra ID (formerly Azure AD).

Key Features

Automation of User Management

Ease of Integration - SCIM is based on RESTful APIs and JSON, making it straightforward to implement in modern applications.

Standardization - SCIM provides a uniform method for managing identities across multiple applications and systems. This eliminates the need for organizations to build custom integrations.

Group Management - In addition to users, SCIM also supports managing groups, including adding or removing users from groups.

How SCIM 2.0 Works

Endpoints - SCIM provides standard endpoints such as /Users and /Groups to manage identity data. For example, a POST request to /Users can create a new user in an application.

Schema - SCIM defines a standard schema that describes the attributes of a user or group, such as name, email address, username, etc.

Authentication - SCIM 2.0 typically uses OAuth 2.0 or API tokens to authenticate access to the endpoints.
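
The three pieces above (endpoint, schema, authentication) fit together as shown in this added example of a POST /Users handler; it is not Quill's own code. The function names, the in-memory store and the sample token are assumptions made for illustration.

```python
import hmac
import json
import uuid

USER_SCHEMA = "urn:ietf:params:scim:schemas:core:2.0:User"
ERROR_SCHEMA = "urn:ietf:params:scim:api:messages:2.0:Error"
# Constructed sample secret; a real deployment loads it from a secret store.
API_TOKEN = "constructed-sample-token"


def scim_error(status, detail, scim_type=None):
    """Build a SCIM error body (RFC 7644, section 3.12)."""
    body = {"schemas": [ERROR_SCHEMA], "status": str(status), "detail": detail}
    if scim_type:
        body["scimType"] = scim_type
    return status, body


def create_user(headers, raw_body, store):
    """Handle POST /Users. `store` (hypothetical) maps lower-cased userName to resource."""
    # Authentication: require a bearer token, compared in constant time.
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    if scheme.lower() != "bearer" or not hmac.compare_digest(
            token.encode(), API_TOKEN.encode()):
        return scim_error(401, "Missing or invalid bearer token")
    # Schema: the payload must be a JSON object declaring the core User schema.
    try:
        payload = json.loads(raw_body)
    except ValueError:
        return scim_error(400, "Body is not valid JSON", "invalidSyntax")
    schemas = payload.get("schemas") if isinstance(payload, dict) else None
    if not isinstance(schemas, list) or USER_SCHEMA not in schemas:
        return scim_error(400, "Core User schema URN is required", "invalidSyntax")
    user_name = payload.get("userName")
    if not isinstance(user_name, str) or not user_name.strip():
        return scim_error(400, "userName is required", "invalidValue")
    # userName is unique and case-insensitive (RFC 7643), so normalize the key.
    key = user_name.lower()
    if key in store:
        return scim_error(409, "userName already exists", "uniqueness")
    # The service assigns id and meta; client-supplied values are overwritten.
    resource = {**payload, "id": str(uuid.uuid4()),
                "meta": {"resourceType": "User"}}
    store[key] = resource
    return 201, resource
```
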

Steps to install and configure

Step 1: Create an Enterprise Application

Ensure that an enterprise application has been created.

Step 2: Configure SCIM in the Enterprise Application

2.1 Access the Application