How can we help?

SCIM User Management with Microsoft ADFS


SCIM 2.0, the System for Cross-domain Identity Management open standard, allows for user identity information management between cloud systems. Talkdesk® enables automatic and simplified user management through the SCIM 2.0 protocol.

Over the SCIM API, Talkdesk receives the following user information, creating the user based on it: first name, last name, and e-mail address. By default, the user status is active, which means that the licensing is automatically consumed on provisioning.

Prior to initiating the configuration, please ensure the necessary credentials to provide the service are available (OAuth token), and that enough licenses exist at Talkdesk for all the users. If, at the end of the procedure, some users present a “failed” status in your Microsoft ADFS console, it may be due to the lack of licenses for all new users. In this case, please check the complete information in Agents and Licenses.  


Managing users via SCIM 2.0 with Azure ADFS

Talkdesk supports the users' resources with the SCIM API, allowing read, create, update, and delete operations.

In order to manage users via SCIM 2.0  with Talkdesk check this Microsoft tutorial for Azure.

Next, please follow these steps:

  • Sign in to the Azure Active Directory portal;
  • Select Enterprise applications from the left pane.
  • Select + New application > All > Non-gallery application (available in the old gallery experience) or select Create your own application (select also “Integrate any other application you don’t find in the gallery”);
  • Create > Define the name of your application;
  • In “Assign users and groups” define the users you wish to have provisioned;
  • Select Provisioning User Accounts;
  • Select Configure automatic provisioning (right side of the screen) > Get Started;
  • In Provisioning Mode select Automatic;
  • In the Tenant URL field, enter Talkdesk’s SCIM endpoint:;
  • Copy the required OAuth bearer token into the optional Secret Token field;
  • Test the connection;
  • You can also define a Notification Email for failed operations;
  • Save the application (top left corner of the page);
  • In Mappings:
    • disable the Group provisioning and
    • maintain only the following attributes: userPrincipalName, givenName and surname. The userPrincipalName should correspond to an email and all users need to have a First and Last Name in the Active Directory.

Alter the Provisioning Status to On and Save.

All Articles ""
Please sign in to submit a request.