Configuring SCIM in Microsoft Entra ID

Microsoft Entra ID

1. Sign in to the Azure portal.
2. Browse to Azure Active Directory > Enterprise applications.
3. Select New application and select Create your own application.
4. Type a name for your application and choose the integrate any other application you don't find in the gallery option.
5. Select Create to create the new app.
6. In the app management screen, select Provisioning.
7. Next to the Provisioning Mode option, select Automatic.
8. Next to Tenant URL, type the URL of the Laserfiche Directory Server SCIM service, for example:

   https://sample.hostname.com/LFDS-SCIM

   Note: You can view the SCIM Service base URL from the Laserfiche SCIM Service Configuration Utility.

9. Next to Secret Token, copy a bearer token generated from the Laserfiche SCIM Service Configuration Utility.
10. In the Mappings section, review user and group attributes that are synchronized from Azure Active Directory to Laserfiche Directory Server. The attributes selected as Matching properties are used to match the users and groups for update operations. Laserfiche Directory Server Update 3 currently only supports userName as a matching property.
11. Under Settings, select Sync only assigned users and groups to only sync users and groups assigned in the Users and groups tab.
12. Set the Provisioning Status option to On.
13. Select the Users and groups tab and assign the users or groups to synchronize with Directory Server. By default, the synchronization process runs every 40 minutes.

Note: Please see the Microsoft documentation for more information on provisioning a SCIM endpoint.