Hi There!
Are you migrating to our Azure SCIM with Org Groups experience, or want some tips on how to best use Org Groups with SCIM? Here are a few of our recommended best practices to make this implementation seamless!
If you are setting up or migrating to Azure Org Groups, please refer to the SCIM guide: Migrate Azure integration to Lucid organizational groups experience from our Help Center for a step-by-step configuration guide.
Assigning users to groups and pushing updates:
- According to the SCIM standards, the user endpoints can't update a group. Because of this, group updates will never happen when provisioning a new user. They have to happen when Entra requests to update a group. This is important to keep in mind while you are updating your users.
- You can have as many license and delicense user groups as you want, but because a user can only belong to one organizational group, each user can also only belong to one push group at a time across all groups. The only exception to this rule is the “All Users” group, which all users will be in alongside their license or delicense group.
- If you have decided to create an “all users group,” you will need to take an additional step when configuring to “exclude” this group from your SCIM updates. (See screenshot below for more). You will also need to provision the all users group first.
Having trouble syncing your users or groups to Lucid?
- If the issue is isolated to one or a few users, try unassigning and reassigning the affected users to the Lucid application in Entra.
- If the provisioning is stuck or erroring, try the "Restart Provisioning" option.
If none of the above resolves syncing issues, please reach out to support@lucid.co, and we are more than happy to help!!
