Thank you for following up on this and I apologize for the delayed response!
I want to provision only the users to the provisioning application (for example ServiceNow) who are added/removed to Certain groups, and do not want to provision other users to the target application, can this be possible?
In application provision, we can use scope filters to scope users or groups. But unfortunately, the scoping filter IsMemberOf
and members
attribute on a group are not currently supported. So, it is not possible to provision only users who have been added or removed from specific groups in Azure AD to a provisioning application.
For your reference: https://learn.microsoft.com/en-us/entra/identity/app-provisioning/define-conditional-rules-for-provisioning-user-accounts?pivots=app-provisioning#create-scoping-filters
Hope this helps. Do let us know if you any further queries.
Thanks,
Navya.
If the answer is helpful, please click "Accept Answer" and kindly upvote it.