Configuring Microsoft Entra ID attribute mappings for SCIM provisioning
You must be logged in to Microsoft Entra using one of the following roles: Application Administrator, Cloud Application Administrator, or Global Administrator.
Sign in to the Microsoft Entra Admin Center at https://entra.microsoft.com.
Navigate to Entra ID > Enterprise apps.
Open the Hyperproof SCIM application you created. See Adding a Microsoft Entra non-gallery application for SCIM.
From the left menu, select Provisioning.
Click the Attribute mapping section.
Click Provision Microsoft Entra ID Users.
Remove the following unnecessary mappings. Hyperproof doesn't use them:
name.formattedaddresses[type eq "work"].*(all address fields)phoneNumbers[type eq "work"].valuephoneNumbers[type eq "mobile"].valuephoneNumbers[type eq "fax"].valuetimezoneexternalIddisplayName displayNameurn:ietf:params:scim:schemas:extension:enterprise:2.0:User:employeeIdurn:ietf:params:scim:schemas:extension:enterprise:2.0:User:departmenturn:ietf:params:scim:schemas:extension:enterprise:2.0:User:managerMake sure the following required mappings are configured:
Hyperproof attribute
Microsoft Entra ID attribute
Matching precedence
Notes
userNameuserPrincipalName1
Primary identifier
emails[type eq "work"].valuemailUser's email address
activeNot([IsSoftDeleted])User status (active/inactive)
name.givenNamegivenNameFirst name (required)
name.familyNamesurnameLast name (required)
Add the following optional mappings:
These mappings are recommended for richer user data.
Microsoft Entra ID attribute
Hyperproof attribute
jobTitletitlepreferredLanguagelocaleOptionally, configure group mappings as follows:
Return to the Attribute mappings section.
Click Provision Microsoft Entra ID Groups
Keep these mappings:
displayName → displayNamemembers → membersDelete any other default mappings.
Click Save.
For information on the entire workflow for configuring SCIM provisioning, see Microsoft Entra ID SCIM Configuration.