Use this procedure to add users and groups to IDaaS from a third-party application (SCIM 2.0 client), such as Microsoft Entra ID, to IDaaS. When configured, changes to user and group information in the third-party application are made to the users that are mapped to IDaaS.
Provision users and groups into IDaaS from another service
1. Create an Administration API application in IDaaS, assign the API the SCIM Provisioning role and generate a long-lived token. See Integrate Administration API.
Note: When creating an Administration API for SCIM provisioning, assign the SCIM Provisioning role to the Admin API.
2. Copy and paste from the Administration API the long-lived token to a text file such as Notepad.
3. Make note of your IDaaS Tenant URL and add it to the text file.
Note: The IDaaS
SCIM endpoint is /api/web/scim/v2/.
Example: mycompany.us.trustedauth/com/api/web/scim/V2/
4. Open your SCIM 2.0 client.
5. Locate the provisioning section of your SCIM 2.0 client.
6. Copy and paste, where required, the long-lived token and IDaaS tenant URL.
7. Save your inbound SCIM application.