Azure AD SCIM Provisioning - How to sync passwords? RRS feed

  • Question

  • I am trying to implement SCIM protocol in a custom app (python) and sync users from Azure AD to my app.

    I reached out to Azure support and got a confirmation that all attributes are synced. I can get user creation request from Azure with, name, username, email and preffered lagnuage atrributes however the password is not sent.

    I updated mapping for the app to include "passwordProfile.password" attribute but the POST request that comes to my app for user create action does not include the password.

    Is it even possible to get user password synced? Am I missing something?

    Many thanks.

    Sunday, September 15, 2019 9:29 PM

All replies

  • The users provisioned through SCIM provisioning from Azure AD use Azure AD as the IDP. So, the password remains within Azure AD and SP reaches out to Azure AD for authentication. 

    AFAIK, it is not possible to sync password attribute through SCIM provisioning. 

    Please take a moment to "Mark as Answer" and/or "Vote as Helpful" wherever applicable. Thanks!

    Monday, September 16, 2019 8:33 AM
  • Anonymous User MS, Just wanted to follow up and check if the above answered helped in answering your query.

    Do let us know, if there any any more queries around this.

    Thursday, September 19, 2019 9:35 AM