Entra ID

Microsoft Entra SCIM 2.0 APIs Now Generally Available

3 min read

Summary

Microsoft Entra has introduced new SCIM 2.0 APIs that let external SCIM-compatible identity sources provision and manage users and groups directly in Entra. The update matters for IT teams because it enables standards-based identity lifecycle automation, reduces custom integration work, and supports reuse of existing SCIM tooling and workflows.

Need help with Entra ID?Talk to an Expert

Introduction

Microsoft Entra is expanding its identity lifecycle capabilities with new SCIM 2.0 APIs that allow external SCIM-compatible systems to provision users and groups directly into Entra. For IT administrators, this means a more standardized way to automate identity onboarding, updates, and offboarding without relying on custom connectors.

What's new

Microsoft has announced general availability of Microsoft Entra SCIM 2.0 APIs in the public cloud. With this release, Microsoft Entra can now act as a SCIM service provider (server), allowing external SCIM clients to manage identity objects using standard SCIM operations.

Key capabilities include:

  • Provision and deprovision users in Microsoft Entra from HR systems, SaaS apps, or custom platforms
  • Update user attributes using standard SCIM schema and supported extensions
  • Manage Microsoft Entra ID security groups and Microsoft 365 groups, including memberships
  • Reuse existing SCIM clients, orchestration tools, and automation frameworks
  • Discover supported schemas and capabilities through standard SCIM endpoints

This is especially useful for organizations that already use SCIM-based identity governance or provisioning tools and want to extend those same processes into Microsoft Entra.

Why this matters for IT admins

The biggest advantage is consistency. Instead of building custom provisioning logic for Entra, teams can use familiar SCIM-based workflows across more systems. That can simplify identity lifecycle management, reduce integration complexity, and improve governance.

Common use cases include:

  • Syncing users from HR systems into Entra
  • Automating onboarding and offboarding
  • Mapping attributes based on department, role, or employment status
  • Managing group membership for access control and application assignment

For organizations focused on security and operational efficiency, standardizing identity automation can also help reduce delays and provisioning errors.

Availability and licensing

Microsoft says the SCIM 2.0 APIs are now generally available in the Microsoft Entra public cloud. Support for Microsoft Entra ID for US Government is expected by the end of June 2026.

The service uses a consumption-based pricing model, so administrators should review Microsoft pricing documentation to understand eligibility and expected costs.

Next steps

Admins and identity engineers should:

  • Review the Microsoft Learn documentation for setup and permissions
  • Validate how current SCIM clients can integrate with Entra
  • Test user and group provisioning flows in a controlled environment
  • Check pricing implications before broader rollout

For organizations already invested in SCIM, this release could make Microsoft Entra a much easier fit within existing identity automation strategies.

Need help with Entra ID?

Our experts can help you implement and optimize your Microsoft solutions.

Talk to an Expert

Stay updated on Microsoft technologies

Microsoft EntraSCIM 2.0identity provisioninguser lifecycle managementgroup management

Related Posts

Entra ID

Microsoft Purview and Entra Add Real-Time AI DLP

Microsoft has announced a public preview that extends data protection to the network layer using Microsoft Purview and Microsoft Entra. The integration helps organizations detect and block sensitive data moving to unmanaged SaaS, personal cloud storage, and generative AI apps in real time, reducing data leakage risk before exposure occurs.

Entra ID

Entra PIM Custom Extensions Preview for Role Activation

Microsoft has introduced preview support for custom extensions in Microsoft Entra Privileged Identity Management, allowing organizations to call a REST API during role activation to enforce business-specific rules. This helps IT teams automate checks such as ticket validation, HR status, compliance gates, and on-call logic while improving auditability and reducing manual approval gaps.

Entra ID

Microsoft Entra Backup and Recovery GA Now Available

Microsoft Entra Backup and Recovery is now generally available for customers with Entra ID P1 or P2, bringing built-in recovery for critical identity objects across workforce tenants. The release extends retention from 5 to 7 days and adds more flexibility for snapshots, difference reports, and recovery jobs, helping IT teams respond faster to accidental or malicious changes.

Entra ID

Microsoft Entra AI Security Webinar Series Announced

Microsoft has launched a three-part Microsoft Entra and Purview webinar series focused on securing AI at scale. The sessions cover identity, access, data protection, browser and network controls, and governance for AI agents, giving IT teams practical guidance for safer AI adoption.

Entra ID

Azure AD B2C Migration Tools Now Available

Microsoft has released generally available migration tools and guidance to help Azure AD B2C customers move to Microsoft Entra External ID. With Azure AD B2C no longer receiving new features, these new options give IT teams a clearer path to modernize customer identity while reducing migration risk.

Entra ID

Microsoft Entra ID Security Updates: Key 2026 Changes

Microsoft is making three important Microsoft Entra ID security changes in 2026: retiring Custom controls in favor of External MFA, enforcing Conditional Access more consistently during credential registration, and requiring explicitly registered authentication methods for SSPR. These updates matter because they close policy enforcement gaps, improve identity security, and require admins to review configurations before enforcement deadlines arrive.