Hi,
We're using user / group provisioning from Azure AD to ServiceNow and have run into a problem.
When creating a group in Azure, it gets synced to ServiceNow, as expected - but when this group is deleted in ServiceNow, it is NOT synced back to ServiceNow automatically, which was pretty surprising. It seems like Azure is not synchronizing every 40 minutes, like it is stated, but it is checking every 40 minutes if changes were made on its side (for example, removing someone from a group), and only then synchronizes the current state to ServiceNow. We tested this by deleting a group in ServiceNow and waiting for Azure to synchronize it back (since it was still present in AD), but nothing happened. Once we added a new member to the group, the group got synced back to ServiceNow.
Is there any way to change this behavior, so that the state present in Azure AD will always be synced to ServiceNow, regardless of whether the objects have been deleted in ServiceNow? We really want Azure to be the source of truth for groups and users, but currently, that's just not possible.
Thanks,
Max
