Azure AD SCIM Client

Overview

This is a basic example to get started configuring Azure AD/Microsoft Entra ID as a SCIM client and establish a connection between FusionAuth and Azure AD for provisioning purposes.

For complete documentation, please refer to the Azure AD/Microsoft Entra ID provisioning documentation.

Azure AD is Microsoft Entra ID. But the usage of Azure AD is common. In this document, wherever you see Azure AD, rest assured we mean Microsoft Entra ID as well.

To configure the integration, in the Microsoft Azure console, navigate to Azure AD and click on Enterprise Applications and either create a new application, or select the application you will be using for SCIM provisioning. Once you have selected the application, click on Provisioning in the left navigation under the Manage section.

Here you will find an Update Credentials option in the Manage Provisioning section at the bottom of the page. Expand the Admin Credentials section find the required configuration fields.

Home -> Azure AD -> Enterprise Applications -> Provisioning -> Update credentials Azure AD SCIM Provisioning Integration
Tenant URL

Set this value equal to the FusionAuth SCIM tenant URL found in the Tenant view dialog.

For example, if the base URL for FusionAuth is https://piedpiper.com, your SCIM URL will be https://piedpiper.com/api/scim/resource/v2

Secret Token

This value will be set using the access token generated using the client credentials grant for the SCIM client entity and the SCIM server entity. Learn more about getting the access token.