I'm implementing SCIM 2.0. I can provision and deprovision users. The thing is, i need to receive users' group id(s) to use it in my app. But i don't receive any group id. Is there a way to receive any group id (in user response, not group). For now i'm testing it with Azure Active Directory. Maybe i should change the mappings? I already tried to grab the id of the group for a user but there is no option to select it in the mapping..
0
votes
Why do you want to get users' group id(s)? Are you trying to get the user's role based on the groups?
– Allen Wu
@AllenWu my app is based on communities/subcommunities. I subscribe users in communities/subcommunities with SSO based on the group id in Azure. i want to deprovision users from the right community using the group id also
– jdps
1 Answers
0
votes
In Azure AD group memberships are a property on the group, not the user. You'll need to provision the group objects across (to the /groups endpoint) and the memberships should be represented in the members property of each group, with each value of members being the ID value of a member user/object.
Azure AD doesn't have functionality today to include group membership information as a property of a user, nor am I aware of it being on any roadmaps.
