ASD's Blueprint for Secure Cloud

Application and HR Provisioning

This section describes the design decisions associated with automated provisioning of user identities for system(s) built using ASD's Blueprint for Secure Cloud.

Estimated reading time: 2 minutes

Entra ID to SaaS application provisioning refers to automatically creating user identities and roles in the cloud (SaaS) applications that users need access to. In addition to creating user identities, automatic provisioning includes the maintenance and removal of user identities as status or roles change. The System for Cross-Domain Identity Management (SCIM) specification provides a common user schema to help users move into, out of, and around apps.

Provisioning can be done in two modes:

  • Manual - There is no automatic Entra ID provisioning connector for the app yet. User accounts must be created manually, for example by adding users directly into the app’s administrative portal.

  • Automatic - an Entra ID provisioning connector has been developed for this application. For pre-integrated applications listed in the gallery, step-by-step guidance is available for setting up automatic provisioning.

The provisioning mode supported by an application is also visible on the Provisioning tab once the application added to the Enterprise apps. If there is no out of the box connector, and the SaaS application is SCIM 2.0 enabled then a custom SCIM Endpoint can be developed.

Security & Governance

  • None identified

Design

  • None identified

References

Do you have a suggestion on how the above page could be improved? Get in touch! ASD's Blueprint for Secure Cloud is an open source project, and we would love to get your input. Submit an issue on our GitHub, or send us an email at blueprint@asd.gov.au

Acknowledgement of Country icon

Acknowledgement of Country
We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia's First Peoples' enduring contribution to Australia's national security.

Authorised by the Australian Government, Canberra