Entra ID

Microsoft Entra SCIM 2.0 APIs Now Generally Available

3 min read

Summary

Microsoft Entra has introduced new SCIM 2.0 APIs that let external SCIM-compatible identity sources provision and manage users and groups directly in Entra. The update matters for IT teams because it enables standards-based identity lifecycle automation, reduces custom integration work, and supports reuse of existing SCIM tooling and workflows.

Audio Summary

0:00--:--
Need help with Entra ID?Talk to an Expert

Introduction

Microsoft Entra is expanding its identity lifecycle capabilities with new SCIM 2.0 APIs that allow external SCIM-compatible systems to provision users and groups directly into Entra. For IT administrators, this means a more standardized way to automate identity onboarding, updates, and offboarding without relying on custom connectors.

What's new

Microsoft has announced general availability of Microsoft Entra SCIM 2.0 APIs in the public cloud. With this release, Microsoft Entra can now act as a SCIM service provider (server), allowing external SCIM clients to manage identity objects using standard SCIM operations.

Key capabilities include:

  • Provision and deprovision users in Microsoft Entra from HR systems, SaaS apps, or custom platforms
  • Update user attributes using standard SCIM schema and supported extensions
  • Manage Microsoft Entra ID security groups and Microsoft 365 groups, including memberships
  • Reuse existing SCIM clients, orchestration tools, and automation frameworks
  • Discover supported schemas and capabilities through standard SCIM endpoints

This is especially useful for organizations that already use SCIM-based identity governance or provisioning tools and want to extend those same processes into Microsoft Entra.

Why this matters for IT admins

The biggest advantage is consistency. Instead of building custom provisioning logic for Entra, teams can use familiar SCIM-based workflows across more systems. That can simplify identity lifecycle management, reduce integration complexity, and improve governance.

Common use cases include:

  • Syncing users from HR systems into Entra
  • Automating onboarding and offboarding
  • Mapping attributes based on department, role, or employment status
  • Managing group membership for access control and application assignment

For organizations focused on security and operational efficiency, standardizing identity automation can also help reduce delays and provisioning errors.

Availability and licensing

Microsoft says the SCIM 2.0 APIs are now generally available in the Microsoft Entra public cloud. Support for Microsoft Entra ID for US Government is expected by the end of June 2026.

The service uses a consumption-based pricing model, so administrators should review Microsoft pricing documentation to understand eligibility and expected costs.

Next steps

Admins and identity engineers should:

  • Review the Microsoft Learn documentation for setup and permissions
  • Validate how current SCIM clients can integrate with Entra
  • Test user and group provisioning flows in a controlled environment
  • Check pricing implications before broader rollout

For organizations already invested in SCIM, this release could make Microsoft Entra a much easier fit within existing identity automation strategies.

Need help with Entra ID?

Our experts can help you implement and optimize your Microsoft solutions.

Talk to an Expert

Stay updated on Microsoft technologies

Read the original article by Joseph Dadzie
Microsoft EntraSCIM 2.0identity provisioninguser lifecycle managementgroup management

Related Posts

Entra ID

Conditional Access Optimization Agent Gets Smarter

Microsoft has expanded the Conditional Access Optimization Agent in Entra ID public preview with context-aware recommendations, continuous gap analysis, least-privilege enforcement for agent identities, phased rollouts, passkey campaigns, and Zero Trust posture reporting. These updates help security teams move from static policy reviews to continuous identity security optimization with safer deployment and clearer visibility into access gaps.

Entra ID

Microsoft Entra Tenant Governance for Multi-Tenant Security

Microsoft has introduced Entra Tenant Governance to help organizations discover, govern, and secure related tenants from a central control plane. The new capabilities matter for IT teams managing mergers, acquisitions, and shadow IT because they reduce cross-tenant risk, streamline delegated administration, and enforce consistent security baselines at scale.

Entra ID

Microsoft Entra Backup and Recovery Enters Preview

Microsoft has launched Microsoft Entra Backup and Recovery in public preview, giving organizations a Microsoft-managed way to restore critical identity objects and configurations to a known-good state. The service helps IT teams recover faster from accidental admin changes, provisioning errors, and malicious modifications that could otherwise disrupt access and security.

Entra ID

Microsoft Entra External MFA Now Generally Available

Microsoft has announced general availability of external MFA in Microsoft Entra ID, allowing organizations to integrate trusted third-party MFA providers using OpenID Connect. The feature lets IT teams keep Microsoft Entra ID as the central identity control plane while maintaining Conditional Access, risk evaluation, and unified authentication method management.

Entra ID

Microsoft Entra RSAC 2026 Identity Security Updates

At RSAC 2026, Microsoft announced major Microsoft Entra updates aimed at securing not only users and devices but also AI agents, workloads, and modern multi-tenant environments. The new capabilities—such as expanded Entra Agent ID governance, shadow AI detection, prompt injection protection, passkey enhancements, and adaptive risk-based access—matter because they strengthen Zero Trust identity security as organizations adopt AI and face more dynamic access risks.

Entra ID

Microsoft Entra Secure Access Report 2026 on AI Risk

Microsoft’s Entra Secure Access Report 2026 says AI adoption is significantly increasing identity and network access risk, with 97% of organizations reporting an access-related incident in the past year and 70% tying incidents to AI activity. The report argues that fragmented identity and network tools are making the problem worse, which matters because more organizations are now moving toward consolidated access platforms to better secure AI tools, agents, and machine identities.