The Device Hub SCIM API integration supports SCIM version 2.0 and is certified for Azure Active Directory.
The Device Hub SCIM API integration supports the following provisioning actions:
- Create users
- Delete users
- Update user attributes
- Add a group
- Remove a group
- Update Groups attributes
- Add/remove users to/from a group
- Currently, only Azure AD is supported. Hybrid AD and multiple ADs are not supported.
- On-premise AD is not supported.
- All users are created in Condeco as standard, non-admin users.
- The Condeco application does not support multi-valued properties.
- Email addresses are read-only and as such, cannot be updated using SCIM.
Good to know
- The following special characters are supported when creating users from AD: period [ . ], comma [ , ], hyphen [ – ], 0-9
- The following languages are supported when creating users from AD: Latin, Chinese, Arabic, and Japanese, using 0-64 ASCII character strings only.
- The following special characters are not supported in email addresses: # % * ( ) = [ ] | \ “ ; : <> , ? /
- Underscore [ _ ] is not supported in the first names or last names of users created via AD.
- SCIM updates are one-way – from Azure AD to the Condeco Device Hub. Updates made in Device Hub do not synchronize to Azure AD.
- Audit logging is not currently supported. Logs can be viewed from Azure App Insights.
- The initial synchronization cycle is expected to take longer than subsequent cycles.
- Synchronization cycles occur approximately every 40 minutes, provided the Azure AD provisioning service is running.
- The Device Hub requires at least 1 active admin account.
- Bulk-create users function in Azure AD does not support the email field. If bulk-create users is used in Azure, then email addresses must be subsequently added individually for each user on the Device Hub.
Thanks for your feedback.