Entra ID

Microsoft Entra SCIM 2.0 APIs Now Generally Available

3 min read

Summary

Microsoft Entra has introduced new SCIM 2.0 APIs that let external SCIM-compatible identity sources provision and manage users and groups directly in Entra. The update matters for IT teams because it enables standards-based identity lifecycle automation, reduces custom integration work, and supports reuse of existing SCIM tooling and workflows.

Audio Summary

0:00--:--
Need help with Entra ID?Talk to an Expert

Introduction

Microsoft Entra is expanding its identity lifecycle capabilities with new SCIM 2.0 APIs that allow external SCIM-compatible systems to provision users and groups directly into Entra. For IT administrators, this means a more standardized way to automate identity onboarding, updates, and offboarding without relying on custom connectors.

What's new

Microsoft has announced general availability of Microsoft Entra SCIM 2.0 APIs in the public cloud. With this release, Microsoft Entra can now act as a SCIM service provider (server), allowing external SCIM clients to manage identity objects using standard SCIM operations.

Key capabilities include:

  • Provision and deprovision users in Microsoft Entra from HR systems, SaaS apps, or custom platforms
  • Update user attributes using standard SCIM schema and supported extensions
  • Manage Microsoft Entra ID security groups and Microsoft 365 groups, including memberships
  • Reuse existing SCIM clients, orchestration tools, and automation frameworks
  • Discover supported schemas and capabilities through standard SCIM endpoints

This is especially useful for organizations that already use SCIM-based identity governance or provisioning tools and want to extend those same processes into Microsoft Entra.

Why this matters for IT admins

The biggest advantage is consistency. Instead of building custom provisioning logic for Entra, teams can use familiar SCIM-based workflows across more systems. That can simplify identity lifecycle management, reduce integration complexity, and improve governance.

Common use cases include:

  • Syncing users from HR systems into Entra
  • Automating onboarding and offboarding
  • Mapping attributes based on department, role, or employment status
  • Managing group membership for access control and application assignment

For organizations focused on security and operational efficiency, standardizing identity automation can also help reduce delays and provisioning errors.

Availability and licensing

Microsoft says the SCIM 2.0 APIs are now generally available in the Microsoft Entra public cloud. Support for Microsoft Entra ID for US Government is expected by the end of June 2026.

The service uses a consumption-based pricing model, so administrators should review Microsoft pricing documentation to understand eligibility and expected costs.

Next steps

Admins and identity engineers should:

  • Review the Microsoft Learn documentation for setup and permissions
  • Validate how current SCIM clients can integrate with Entra
  • Test user and group provisioning flows in a controlled environment
  • Check pricing implications before broader rollout

For organizations already invested in SCIM, this release could make Microsoft Entra a much easier fit within existing identity automation strategies.

Need help with Entra ID?

Our experts can help you implement and optimize your Microsoft solutions.

Talk to an Expert

Stay updated on Microsoft technologies

Read the original article by Joseph Dadzie
Microsoft EntraSCIM 2.0identity provisioninguser lifecycle managementgroup management

Related Posts

Entra ID

macOS Platform SSO in ADE Now Generally Available

Microsoft has made Platform SSO during Automated Device Enrollment generally available for macOS. The update lets organizations register devices and enable Platform SSO automatically during setup, reducing user prompts and helping IT teams deliver a more secure, consistent onboarding experience from day one.

Entra ID

Microsoft Identity Manager 2016 SP3 Now Available

Microsoft Identity Manager 2016 SP3 is now generally available, bringing improved stability, broader platform compatibility, and a new Azure SQL Database deployment option for the Synchronization Service. The update matters for organizations running hybrid identity environments because it reduces operational risk, supports newer infrastructure components, and gives customers a supported path forward while planning longer-term moves to Microsoft Entra.

Entra ID

Microsoft Entra Face Check Secures High-Risk Identity Flows

Microsoft is expanding Face Check in Microsoft Entra Verified ID to strengthen identity verification during remote onboarding, access requests, and account recovery. The update removes per-user Face Check limits in Microsoft Entra Suite and highlights general availability for verified account recovery, helping organizations reduce impersonation risk and help desk dependency.

Entra ID

Microsoft Entra May 2026: Global Secure Access GA

Microsoft Entra’s May 2026 updates focus heavily on Global Secure Access, certificate-based authentication, and stronger privileged access controls. The new capabilities help IT teams extend Zero Trust protections to branch offices, mobile devices, external users, and AI workloads while improving usability and policy enforcement.

Entra ID

Microsoft Entra ID Passkeys: Fixing Recovery Gaps

Microsoft is expanding its passkey-first strategy in Entra ID by addressing the security gaps that remain after passkey deployment, including fallback credentials and weak account recovery. New capabilities such as Windows passkeys, passkey-preferred authentication, and generally available Entra ID account recovery help organizations reduce phishing and social engineering risk while improving user experience.

Entra ID

Microsoft Entra Webinar Series Strengthens Identity Security

Microsoft has launched a five-part Secure identity foundation with Microsoft Entra webinar series focused on passwordless authentication, Conditional Access, ID Protection, Tenant Governance, and Backup and Recovery. The series gives IT and security teams practical deployment guidance to strengthen access management, improve tenant visibility, and build more resilient identity protections across cloud and hybrid environments.