Azure AD SCIM Setup
Configure automatic user provisioning from Microsoft Entra ID (Azure AD) to SecureCodingHub using SCIM 2.0.
Prerequisites
- Azure AD tenant with admin access
- SecureCodingHub org admin account
- SSO configured (recommended but not required)
Step 1 — Generate a SCIM Token
Log in to SecureCodingHub as Org Admin
Go to Settings → SCIM
Click Generate Token
Copy the token — it is shown only once
Step 2 — Configure Provisioning in Azure AD
Go to Azure Portal → Microsoft Entra ID → Enterprise Applications
Select your SecureCodingHub application (or create one)
Go to Provisioning → Get started
Provisioning Mode: Automatic
Tenant URL: https://api.securecodinghub.com/api/sch/scim/v2
Secret Token: paste your SCIM token
Click Test Connection — should succeed
Save
Step 3 — Configure Attribute Mapping
Ensure the following attributes are mapped correctly in your Azure AD provisioning configuration:
| Azure AD Attribute | SecureCodingHub SCIM Attribute |
|---|---|
userPrincipalName | userName |
mail | emails[type eq "work"].value |
givenName | name.givenName |
surname | name.familyName |
Switch([IsSoftDeleted]...) | active |
Step 4 — Start Provisioning
Set provisioning status to On
Save
Azure AD runs the initial cycle (may take 20–40 minutes)
Subsequent cycles run every ~40 minutes
Step 5 — Verify
Check SecureCodingHub Users page
Review provisioning logs in Azure Portal