Hello, I'm currently investigating a case of provisioning Azure AD users through self-made SCIM app and I'm trying to access user's photo and id's of groups that they're members.
Is it possible to achieve it via SCIM or extra request through Graph are necessary?
Thanks in advance!
For photos, the SCIM spec has some gaps that don't allow for secure standardized implementations. This is something that Microsoft hopes to improve in the SCIM standard within the next year or two. For now, MS Graph calls are required.
For groups, the "groups" attribute on the SCIM user resource is readOnly. If your SCIM server has/can add support for the SCIM group resource type, group memberships can be managed via that. Azure AD's SCIM client will not send group memberships as a property on a user resource, however, as the spec doesn't support this.
3 people are following this question.
