Generating a SCIM Token

Within your helpdesk, go to Admin > Apps & Integrations > SCIM Tokens and click the + New button.

Enter a name in the Description field, set the Status to Active and click the Create button at the bottom of the page.

Select the Token you've created, and make a note of the Token and SCIM Endpoint, as you will have to enter these into your Microsoft Entra SAML app shortly.

Configuring SCIM Provisioning in Microsoft Entra

In your Microsoft Entra SAML application, select Provisioning and click Get started

By default, the Provisioning Mode will be set to Manual. Change this to Automatic, and some new fields will display.

Paste your SCIM Endpoint into the Tenant URL field, and your SCIM Token into the Secret Token field, and click Test Connection. Once the test is successful, click Save at the top of the page.

Testing and Starting SCIM Provisioning

Your SCIM endpoint should now been configured, but it will not be enabled. Go back to the Provisioning page in your Microsoft Entra SAML application, and the page should change to display the cycle status and provisioning controls.

Select Provision on demand to run a test to confirm everything is working as expected.

In the next window, enter the name of a user which has been assigned to your Microsoft Entra SAML application, and click Provision at the bottom of the page to run the test. If all sections display a green tick, then the provisioning was successful.

Finally, close this window and click Start provisioning in order to enqueue the first provisioning cycle.