Setting up Entra SCIM

Who can use this feature

  • Supported on Enterprise plans
  • Anyone with an org admin role can access and edit SCIM settings

This article shows how to retrieve key pieces of information from Entra to complete the SCIM provisioning process. For the rest of the SCIM setup process, see our article Setting up SCIM provisioning.

In this article:

Before you begin

  • Set up SAML SSO before you begin SCIM provisioning.
  • Collect key data from Writer to share with Entra, as explained here.

Configure SCIM in Entra

Go to the Provisioning page in your Entra Writer application and select Connect your application in the Create configuration section.

Select the automatic provisioning mode, then paste your endpoint and bearer token from Writer (step 1 here) into the Tenant URL and Secret Token fields. The Tenant URL should always be https://app.writer.com/api/scim/v2. You can then test the connection and save.

Enable attribute mapping in Entra

Expand the Mappings section and make sure that both group and user attribute mappings are enabled, and are mapping the correct fields into Writer. The default mapping should work, but your specific Azure setup may require custom mapping.

Add a custom mapping to sync mailNickname to externalId in the Attribute Mappings section on the Provision Microsoft Entra ID Users mapping page. Note that some of the mappings in the above screenshot are optional.

Push users and groups

To sync users/groups from Entra into Writer, you'll need to assign them to your Entra Application. From the Users and groups page, select Add user/group from the top menu.

Select None selected under Users and Groups, then select the entities you want to add to the SCIM app, and click Select.

Select Assign to add them to your SCIM app.

Enable SCIM provisioning in Entra

Once you've reviewed the attribute mapping and user/group push settings, return to the Provisioning page, expand the Settings section, and set the Scope to Sync only assigned users and groups, and the Provisioning Status to On. SCIM's now set up! 🥳

Configure role attribute in Entra (optional)

You can add a custom attribute to assign team member and org admin roles to Writer users. To get started, select the Add New Mapping button at the bottom of the Mappings list. The source attribute is appRoleAssignments, and the target attribute is urn:custom:params:scim:schemas:extension:writer:2.0:User. Ensure that Apply this mapping is set to Always.

Finish the SCIM provisioning process

Return to Setting up SCIM provisioning to complete this process.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Support Contact Support