Overview
Do not use this procedure for the initial setup of SCIM-based Directory Sync. Use it only if you previously set up an operational SCIM Sync with Microsoft Entra ID and then deleted the Enterprise application in Azure.
Before you start, you will need to get the following from your SurePath AI technical support team:
Tenant URL
Bearer Token
Create Entra ID SCIM Application
Log in to your Azure portal.
From your Enterprise Application dashboard, select "New Application".
Select "Create your own application" and continue.
Give your application a descriptive name such as SurePath AI - SCIM, and select the "Integrate any other application you don't find in the gallery (Non-gallery)" option, then click "Create".
Configure the Entra ID SCIM Admin Credentials
Select "Provisioning" from the "Manage" section found in the navigation menu of the SCIM application.
Click the "Get Started" button.
Select the "Automatic" Provisioning Mode from the dropdown menu.
Copy and paste the endpoint provided by SurePath AI support into the "Tenant URL" field.
Copy and paste the Bearer Token provided by SurePath AI support into the "Secret Token" field.
Set up and enable attribute mapping
Expand the "Mappings" section.
Make sure the group and user attribute mappings are enabled, and are mapping the correct fields. The default mapping should work, but your specific Azure setup may require you to add a custom mapping.
Make sure that you are mapping "objectId" to "externalId" within the Attribute Mapping section.
Ensure the emails[type eq "work"].value SCIM attribute is receiving a valid email value. For cloud-managed users, confirm that a known email attribute, such as UPN, is being pulled from the mail attribute in Exchange. If your directory has synchronized users, make sure that the userPrincipalName attribute is mapped to emails[type eq "work"].value.
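A check for the two mapping requirements above, as an added example that is not part of the original guide or SurePath AI's code: it resolves emails[type eq "work"].value and validates externalId on a SCIM User resource. The function names and sample payloads are constructed for illustration, and the payload shape assumes the standard SCIM 2.0 User schema.

```python
import re
import uuid

# Deliberately simple address check: one "@", no whitespace, a dot in the domain.
EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")


def work_email(user):
    """Resolve the SCIM path emails[type eq "work"].value, or None if absent."""
    for entry in user.get("emails") or []:
        if str(entry.get("type", "")).lower() == "work":
            return entry.get("value")
    return None


def mapping_problems(user):
    """Return a list of mapping problems found in one SCIM User resource."""
    problems = []
    external_id = user.get("externalId")
    if not external_id:
        problems.append("externalId missing: objectId is not mapped to externalId")
    else:
        try:
            uuid.UUID(str(external_id))  # Entra objectId values are GUIDs
        except ValueError:
            problems.append("externalId is not a GUID: check that its source is objectId")
    email = work_email(user)
    if not email:
        problems.append('emails[type eq "work"].value is empty or missing')
    elif not EMAIL_RE.match(email):
        problems.append('emails[type eq "work"].value is not an email address')
    return problems


# Constructed sample payloads (not real accounts).
GOOD_USER = {
    "externalId": "3f2b8c1e-5d4a-4e7b-9c6d-1a2b3c4d5e6f",
    "userName": "alex@example.com",
    "emails": [{"type": "work", "value": "alex@example.com", "primary": True}],
}
BAD_USER = {
    "externalId": "alex",  # constructed: sourced from something other than objectId
    "userName": "alex@example.com",
    "emails": [{"type": "home", "value": "alex@example.com"}],  # no "work" entry
}

if __name__ == "__main__":
    for name, user in (("GOOD_USER", GOOD_USER), ("BAD_USER", BAD_USER)):
        print(name, mapping_problems(user) or "OK")
```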
Assign People & Groups to Entra ID SCIM Application
You will need to add the previous users and groups to be synced to SurePath AI. If needed, you can get this information from the SurePath AI admin.
Select "Users and groups" from the "Manage" section of the navigation menu.
Select "Add user/group" from the top menu.
Select "None selected" under "Users and Groups". In the menu, select the users and groups that you want to add to the SCIM application, and click "Select".
Select "Assign" to add the selected users and groups to your SCIM application.
Confirm the "Provisioning Status" is set to "On" and that the "Scope" is set to "Sync only assigned users and groups".
Be sure to save the configuration when you are done.
Verify expected operations
Select "Provisioning" from the "Manage" menu.
Review the "Completed" time. This will take a few minutes.
You can also contact your SurePath AI support team and have them check the internal systems to ensure they are receiving data again.