The API works with system-of-record solutions.
Microsoft on Wednesday announced a preview of "Microsoft Entra API-driven provisioning," which promises to ease HR data sharing with Microsoft's identity and access management solutions. Cash Register Systems
Specifically, the Entra API-driven provisioning works with so-called "system-of-record" software information, such as data from human resources (HR) applications. For instance, Microsoft's announcement included the following testimonial from partner SmartHR on the benefits of Entra API-driven provisioning:
With API-driven provisioning, our customers can link employee information in SmartHR with Microsoft Entra ID. This will reduce the time and effort required to manage accounts as employees join, move, or leave the company.
Microsoft already has its Microsoft Graph API, but its use requires that the shared data be in OData format, per Microsoft's FAQ on API-driven inbound provisioning. In contrast, Entra API-driven provisioning uses "standard SCIM schema attributes to abstract schema differences across systems and provide a consistent mapping experience," the announcement explained.
SCIM, or System for Cross-domain Identity Management, is a standard and a REST- and JSON-based protocol for transmitting identity data that's used to automate user provisioning processes, according to a description by identity services company Okta.
Entra API-driven provisioning works with "any system of record." Organizations can use any automation tool to "retrieve workforce data from the system of record and ingest it into Azure AD," Microsoft explained in this Microsoft document.
The document also suggested that IT departments would have "full control" over the data processing associated with Entra API-driven provisioning:
The IT admin has full control on how the data is processed and transformed with attribute mappings. Once the workforce data is available in Azure AD, the IT admin can configure appropriate joiner-mover-leaver business processes using Lifecycle Workflows.
Lifecycle Workflows is used to automate the assignment and management of access rights, and it also has monitoring capabilities for when user attributes change. Lifecycle Workflows is part of Microsoft Entra ID Governance, a product that Microsoft commercially released in June.
The Entra API-driven provisioning preview can import data from "sources like CSV files and SQL staging tables using the automation tool of your choice," Microsoft noted. It can automatically provision both "cloud-only users and hybrid users" using "any trusted source."
The preview makes it easy for organizations to automate the user lifecycle, suggested Alex Simons, corporate vice president of product management for the Microsoft Identity and Network Access Division.
"With our new inbound provisioning API, it's straightforward to provision users from cloud or on-premises HR systems," he stated in an Aug. 23 Twitter post.
Kurt Mackie is senior news producer for 1105 Media's Converge360 group.
While the question has been raised countless times, let's take a current look at what gen AI means for the workforce.
In an attempt to meet the demand of Microsoft's AI services, the company has signed a multi-year deal to use Oracle Cloud Infrastructure (OCI) for compute resources
Organizations can prepare today for future attacks that could be enabled by breakthroughs in quantum computing, Microsoft suggested, in a Nov. 1 post.
Microsoft on Thursday announced a Secure Future Initiative (SFI) approach to dealing with cybersecurity threats.
Microsoft could further give users a piece of mind by adding a security focused Role Based Access Control to its productivity suite.
20 Easy Steps To Creating an AI Chatbot in 30 Minutes
The Definitive Ransomware Checklist Summit: REGISTER NOW!
NOW AVAILABLE ON DEMAND: Cloud Data Threat Outlook Summit
Payment Terminal Problems? Questions? Feedback? E-mail us.