<aside> ⚠️
If you’re already using Javelo and have users in the app. Please read Preparing Javelo for External User Source Integration before proceeding
</aside>
Automatic provisioning refers to creating user identities and roles in the cloud applications that users need access to. In addition to creating user identities, automatic provisioning includes the maintenance and removal of user identities as status or roles change.
The Azure AD Provisioning Service can therefore assign users to the Javelo application by connecting to the SCIM 2.0 User Management API endpoint which is provided by Javelo.
The SCIM endpoint allows Azure AD to programmatically create, update, and deactivate users .
The channel used for provisioning between Azure AD and the application is encrypted using HTTPS TLS 1.2 encryption.
For outbound provisioning between Azure AD and Javelo, user or group assignments are the most common method of determining which users are within the scope of provisioning.
More information on assigning users to an Active Directory application [here] (https://docs.microsoft.com/fr-fr/azure/active-directory/manage-apps/assign-user-or-group-access-portal).
<aside> ⚠️ Once activated, the SCIM provisionning is considered as the only source of truth for creating users. Then you will not be able to login to Javelo with user that was not previously created through SCIM provisionning.
</aside>
Azure AD runs a synchronization process every 40 minutes in which it queries the Javelo application's SCIM endpoint for assigned users and groups, and creates or modifies them based on the assignment details.