Entra Integration
SCIM Virtual Directory
for Entra & Azure IAM
Ship enterprise identity and access management provisioning everywhere—microservice SCIM that extends Microsoft Entra ID to applications your catalog does not cover natively.
The Challenge
Why SCIM?
In today's "work from anywhere" model, cloud-based identity management solutions are quickly becoming the norm. To enable interoperable cloud provisioning, Microsoft has adopted the System for Cross-Domain Identity Management (SCIM) protocol in Azure.
SCIM was created as a powerful means of standardizing, simplifying, and automating identity management of users, groups, and devices across cloud-based applications and services. Microsoft is betting big on it.
The problem? SCIM has yet to become widely adopted. Many applications simply do not support it. If you have SAP S/4 HANA, SAP Ariba, UltiPro, or custom applications, you cannot integrate them with Microsoft Entra ID unless you or the vendor builds a SCIM interface — no small task.
All the Advantages of SCIM Without the Effort
- Convert applications to SCIM without waiting for vendors
- No need to build custom SCIM interfaces
- Leverage Microsoft Entra ID provisioning for legacy applications
Watch the Demo
Microsoft Entra Identity Management Webinar
Microsoft Entra Identity Management
Microsoft Entra ID has grown in importance from merely being one of an organization's directories to becoming the hub for all of an organization's applications and digital identities. Learn how EmpowerID helps organizations undergo "Digital Transformation" in how they operate.
How It Works
Easy Integration for All Applications
By adopting SCIM, Microsoft paved the way for integrating any SCIM-compliant application with Microsoft Entra ID. EmpowerID extends this to all your applications.
Microsoft aims to make Microsoft Entra ID the central point for authentication, conditional access, and MFA for all your identity-aware applications. While this sounds great, the reality is that many vendors have yet to adopt SCIM. Without SCIM adoption, there's no way to connect their applications to Microsoft Entra ID.
EmpowerID is the first company to create a stable, fully functioning SCIM Virtual Directory that allows you to connect all your identity-aware applications to EmpowerID, and then by virtue of your connection to EmpowerID, connect to Microsoft Entra ID.
The SCIM VDS Flow
The SCIM Virtual Directory is a microservice and SCIM server that can be deployed as an App Service in Azure tenants. This makes the SCIM VDS the go-between for Azure and any applications registered in EmpowerID.
For example, if you have connected EmpowerID to Salesforce and an HR system and a new user is provisioned in Microsoft Entra ID, EmpowerID intercepts the call to provision the new user and directs it to the appropriate systems.
URL-Based Routing
Simply specify the path to the application registered in EmpowerID. The last part of the path points to the application — this is how EmpowerID knows where to direct the call made by Azure. This allows you to SCIM-enable any system connected to EmpowerID without needing to create a specific SCIM connector for that system.
Beyond Simple Pass-Through
Workflow-Driven VDS
Traditional SCIM connectors simply "fire and forget." They pass commands from one system to another with no middle layer of logic — essentially just a SCIM gateway.
The EmpowerID SCIM VDS takes a different approach. Not only does it pass commands from one system to another, but it evaluates your business processes while doing so.
We call this approach "Everything is a Workflow" — central to the EmpowerID paradigm. Commands are evaluated by the VDS, which can:
- Trigger policies
- Invoke naming conventions
- Generate strong passwords
- Send policy violations for human approval
Microsoft Entra ID Provisioning Service sends commands to EmpowerID SCIM VDS, which invokes the appropriate workflow before sending commands downstream.
Ready to Extend Entra Provisioning?
The EmpowerID SCIM VDS is a powerful tool that brings Microsoft Entra ID Provisioning Service to any of your identity-aware applications while making Azure subscription management much easier.
Contact Us for the SCIM VDS Solution GuideSee SCIM VDS in Action
Experience how EmpowerID extends Microsoft Entra ID provisioning to your entire application landscape.
