How to Integrate Microsoft Entra ID as a SCIM Client with Drupal

Overview

The User Provisioning & Sync Module allows you to automatically create (provision) and delete (deprovision) user accounts and have them synced bidirectionally between Drupal and Microsoft Entra ID. Any changes or updates done to the user information can also be synced between the SCIM Client and Server. Keep reading to see how it’s done.

Installation Steps

• Using Composer
• Using Drush
• Manual Installation

• Download the module:

  composer require 'drupal/user_provisioning'

• Navigate to Extend menu on your Drupal admin console and search for miniOrange User Provisioning using the search box.
• Enable the module by checking the checkbox and click on Install button.
• Configure the module at

  {BaseURL}/admin/config/people/user_provisioning/overview

• Install the module:

  drush en user_provisioning

• Clear the cache:

   drush cr

• Configure the module at

  {BaseURL}/admin/config/people/user_provisioning/overview

• Navigate to Extend menu on your Drupal admin console and click on Install new module button.
• Install the Drupal User Provisioning and Sync module either by downloading the zip or from the URL of the package (tar/zip).
• Click on Enable newly added modules.
• Enable this module by checking the checkbox and click on Install button.
• Configure the module at

  {BaseURL}/admin/config/people/user_provisioning/overview

Create Application in Microsoft Entra ID:

• Log into the Azure Portal.
• Select Enterprise Applications under Azure Services.

• Click on the New application.

• Click on the Create your own application in Browse Microsoft Entra Gallery.

• Enter the application name in the What's the name of your app? field.
• Under What are you looking to do with your application?, select Integrate any other application you don't find in the gallery (Non-gallery), then click the Create button.

Setup Microsoft Entra ID as SCIM Client:

• Click on Provision User Accounts.

• Next, click the New configuration.

• Paste the copied SCIM Base URL and Bearer Token into the Tenant URL and Secret Token fields, respectively.
• Once done, click Test connection and save your changes.

• After a successful test connection, go to the Provisioning tab in the left-side panel.

• Under the Settings section, select Sync only assigned users and groups in the Scope dropdown.
• Toggle the Provisioning status button to On, then click the Save button.

How to Assign a User:

• Navigate to the Overview tab in the Microsoft Entra ID application and select Assign users and groups.

• Click on the Add users/group.

• Click the None Selected link under Users and search for the user(s) you want to assign.
• Select the user(s) and click the Select button.
• Then, click the Assign button.

• The user has been successfully assigned.

On-Demand Provisioning:

• Navigate to the Provision on demand section of the Microsoft Entra ID application and search for the user you want to provision.

• Select the user and click on the Provision button.

• If the user is successfully provisioned, the following screen will be shown:

• Let us verify whether the user has been successfully provisioned to the Drupal site:
• Navigate to the Drupal site and click on the People tab in the top navigation panel (/admin/people).
• The user has been successfully created on the Drupal site.

Group Provisioning:

• Navigate to the Overview tab in the Microsoft Entra ID application and select Assign users and groups.
• Select the group you want to provision to the Drupal site, then click the Select button.

• After selecting the user, click the Assign button.

• The group has been assigned successfully.

Congratulations, you have successfully set up Drupal as the SCIM server and Microsoft Entra ID as the SCIM client.

If the provisioning was not successful, please contact us at drupalsupport@xecurify.com. Kindly include a screenshot of the error window, and we will assist you in resolving the issue and guide you through the setup.