You can automatically create and disable users with SCIM user provisioning in Microsoft Entra ID.
📌 This feature is an add-on available for all paid Orchidea plans.
System for Cross-Domain Identity Management (SCIM) is an open standard protocol for automating the exchange of user identity information between identity domains and Orchidea.
This is how you create a SCIM integration between Orchidea and Microsoft Entra ID:
1. Go to workspace admin => User management and open the SCIM tab.
   a. Click Create new SCIM secret.
   b. In Chosen IDP, select the IDP that you want Orchidea to assign to new users created with the SCIM integration.
   c. Copy both the SCIM URL and the SCIM secret to your notes to be used later in the process.
2. Go to the Microsoft Entra admin center and open Applications => Enterprise applications. Click the related list item to open the SSO integration created between Entra ID and Orchidea.
   a. Open Provisioning.
   b. Select Automatic in Provisioning mode.
   c. Fill in the information that you copied earlier in 1.c and test the connection:
      - Enter the SCIM URL from 1.c in Tenant URL.
      - Enter the SCIM secret from 1.c in Secret Token.
      - Click Test Connection.
   d. Save the credentials.
   e. Open Mappings.
   f. Click Provision Microsoft Entra ID Users.
   g. In Attribute Mappings, delete all attributes except:
      - userName
      - externalId
      - active
      - name.givenName
      - name.familyName
   h. Edit the userName attribute:
      - Change Source attribute to "mail" and click Ok.
   i. Edit the externalId attribute:
      - Change:
        - Source attribute to "objectId"
        - Match objects using this attribute to "Yes"
        - Matching precedence to "2"
      - Save the changes by clicking Ok.
   j. In Settings, select whether you want to synchronize with SCIM:
      - Only assigned users or groups, or
      - All users and groups
   k. Save the SCIM settings.
   l. Start provisioning with SCIM.
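
The SCIM user resource that the reduced attribute mapping above produces for one user, as an added example (not Orchidea's or Microsoft's code). The source attributes for name.givenName, name.familyName and active are assumed Entra defaults, the user record is constructed, and a user with an empty mail attribute is rejected because userName would be empty.

```python
import json

SCIM_USER_SCHEMA = "urn:ietf:params:scim:schemas:core:2.0:User"

# Target attribute -> Entra source attribute. userName and externalId come from
# the steps above; the two name sources are assumed Entra defaults.
MAPPING = {
    "userName": "mail",
    "externalId": "objectId",
    "name.givenName": "givenName",
    "name.familyName": "surname",
}


def to_scim_user(entra_user):
    """Build the SCIM User resource that the reduced mapping would produce."""
    missing = [src for src in ("mail", "objectId") if not entra_user.get(src)]
    if missing:
        # userName is required by SCIM and externalId is the matching key here.
        raise ValueError("empty source attribute(s): " + ", ".join(missing))
    resource = {"schemas": [SCIM_USER_SCHEMA]}
    for target, source in MAPPING.items():
        value = entra_user.get(source)
        if value is None:
            continue
        node = resource
        *parents, leaf = target.split(".")
        for key in parents:
            node = node.setdefault(key, {})
        node[leaf] = value
    # Assumption: "active" follows the soft-delete state of the Entra account.
    resource["active"] = not entra_user.get("isSoftDeleted", False)
    return resource


# Constructed sample record; jobTitle and mobilePhone are not in the mapping,
# so they never appear in the provisioned resource.
SAMPLE = {
    "objectId": "00000000-0000-0000-0000-000000000001",
    "mail": "ada@example.com",
    "givenName": "Ada",
    "surname": "Lovelace",
    "jobTitle": "Engineer",
    "mobilePhone": "+358000000",
    "isSoftDeleted": False,
}

if __name__ == "__main__":
    print(json.dumps(to_scim_user(SAMPLE), indent=2))
```

Running the same function over an export of the users in scope shows, before provisioning starts, which accounts lack a mail value and which attributes would be shared.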