Skip to main content
All CollectionsMicrosoft 365Configure User ProvisioningSCIM
Integrate inSync user management with SCIM
Integrate inSync user management with SCIM
Updated over 6 months ago

Overview

Druva enables inSync administrators to automate user management in Druva inSync using System for Cross-domain Identity Management (SCIM) v2.0. SCIM is a standard for the exchange of user identities between identity providers (IdPs) and applications requiring user identity information (such as enterprise SaaS apps).

After integration with SCIM,

  • User accounts are automatically created in Druva inSync when new user accounts are assigned to the SCIM app in the IdP.

  • User account status and related information are automatically updated in Druva inSync based on the updates in the IdP. The following updates to user information are supported currently:

    • Change in Display Name (combination of First Name + Last Name or vice-versa)

    • Change in the Email address

    • Change in User account status update, that is, change of user account status from active to inactive, and inactive to active only.

  • User accounts are automatically preserved in Druva inSync when user accounts are deactivated from the IdP or deleted from the SCIM app.

Syncing user with domain changes

After an synchronization with the IDP, the Druva database is updated with the latest user information, including email addresses, User Principal Names (UPNs), and other relevant details sourced from IDP. This synchronization process ensures that incremental backups for Exchange Online users continue to function correctly, even if their domain affiliations change, preventing backup failures due to such changes.


📝 Note

  1. If a domain or username is changed for a user account, but a new account with the same name as the previously changed one is created before synchronization completes, a data mismatch can occur. This results in the new user’s data being backed up in the latest snapshot, while the old user’s data remains in previous snapshots, leading to data from both users being present across different snapshots.

  2. This solution targets the Exchange Online Graph client API and does not cover the legacy APIs.


Did this answer your question?