Role of Entra ID

Entra may own enterprise identity, app assignment, and provisioning intent for Microsoft-centered environments.

Supported operations

Use SCIM Users and Groups patterns after tenant-specific validation. Treat SSO and provisioning details as deployment-specific until verified.

Authentication model

Use scoped SCIM credentials and provider-side app configuration. Do not reuse operator credentials or broad directory secrets.

Rollout guidance

  1. Validate attribute mapping and immutable identifiers.
  2. Run dry-run reconciliation against FreeIPA / LDAP.
  3. Test deprovisioning with non-privileged accounts.
  4. Record limits and unsupported transformations.
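
A sketch of steps 1 to 3 as a read-only dry run, added here as an example and not taken from any project's code. It matches SCIM `externalId` values against a directory export and emits a plan without writing anything; the `external_id` and `locked` field names and all sample records are assumptions constructed for illustration.

```python
# Added example; all records are constructed. "external_id" and "locked" are
# hypothetical field names for an export of the FreeIPA / LDAP side.
SCIM_USERS = [
    {"externalId": "a1", "userName": "alice", "active": True},
    {"externalId": "b2", "userName": "bob.smith", "active": True},   # renamed upstream
    {"externalId": "c3", "userName": "carol", "active": False},      # deprovisioned
    {"externalId": "d4", "userName": "svc-backup", "active": True},  # name collision
    {"externalId": "e5", "userName": "erin", "active": True},        # new user
]
DIRECTORY = [
    {"uid": "alice", "external_id": "a1", "locked": False},
    {"uid": "bob", "external_id": "b2", "locked": False},
    {"uid": "carol", "external_id": "c3", "locked": False},
    {"uid": "svc-backup", "external_id": None, "locked": False},  # unmanaged local account
    {"uid": "frank", "external_id": "f6", "locked": False},       # absent from SCIM source
]

def plan_reconciliation(scim_users, directory_entries):
    """Return sorted (action, key, detail) tuples. Read-only: nothing is written."""
    by_ext = {e["external_id"]: e for e in directory_entries if e.get("external_id")}
    by_uid = {e["uid"]: e for e in directory_entries}
    plan, seen = [], set()
    for user in scim_users:
        ext, name = user.get("externalId"), user["userName"]
        if not ext:
            plan.append(("reject", name, "no immutable identifier"))
            continue
        seen.add(ext)
        entry = by_ext.get(ext)
        taken = by_uid.get(name)
        if taken is not None and taken is not entry:
            # Login name already belongs to another identity: never auto-link by name.
            plan.append(("conflict", name, "uid exists under another identity"))
        elif entry is None:
            if user.get("active", True):
                plan.append(("create", ext, name))
        elif entry["uid"] != name:
            # Matching on the identifier makes a rename an update, not delete + create.
            plan.append(("rename", ext, f"{entry['uid']} -> {name}"))
        if entry is not None and not user.get("active", True) and not entry["locked"]:
            plan.append(("disable", ext, entry["uid"]))
    # Managed entries the source no longer lists; unmanaged accounts are left alone.
    for ext, entry in by_ext.items():
        if ext not in seen:
            plan.append(("orphan", ext, entry["uid"]))
    return sorted(plan)

if __name__ == "__main__":
    for action in plan_reconciliation(SCIM_USERS, DIRECTORY):
        print(*action, sep="\t")
```

Review the `conflict` and `orphan` rows by hand before enabling writes; they are the cases where matching by name would have linked or removed the wrong account.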

Known limits

This page intentionally uses integration-ready language until a deployment verifies Entra tenant behavior end to end.