SCIM Integration - Microsoft Entra

Integrating Row Zero with SCIM ensures that user management stays simple, secure, and consistent. With SCIM, you can automatically provision and de-provision users directly from your identity provider, keeping access in sync without manual updates. This reduces administrative overhead, minimizes the risk of outdated permissions, and gives your team a smoother, more secure onboarding and offboarding experience.

This guide walks you through configuring Row Zero with Microsoft Entra ID using SCIM (System for Cross-domain Identity Management). Once set up, any users or groups assigned to the application in Entra ID will automatically be provisioned into Row Zero.

Prerequisites

Before starting, ensure you have:

  • Administrator access to Microsoft Entra ID.
  • A SCIM Secret Token provided by the Row Zero team.

Step 1: Create an Enterprise Application

Log into the Microsoft Entra admin center.

  1. Navigate to your company’s Microsoft Azure Home and in the left navigation menu of the, select Enterprise applications. scim entra enterprise applications
  2. Click + New application scim entra new application
  3. Choose + Create your own application scim entra create application
  4. Enter Row Zero as the application name and select Integrate any other application you don’t find in the gallery (Non-gallery). scim entra integrate any
  5. Click Create

Step 2: Assign Users and Groups

You must assign users and/or groups to the application before provisioning will sync them to Row Zero.

  1. Open the Row Zero enterprise application.
  2. In the left panel, select Users and groups. scim entra users and groups
  3. Under Getting Started, select Assign users and groups. scim entra assing users
  4. Click on Add user/group
  5. Click None Selected to open the selection panel. scim entra none selected
  6. Choose the users and/or groups you want to provision into Row Zero.
  7. Click Assign

Step 3: Configure SCIM Provisioning

  1. In the Row Zero Enterprise application, select Provisioning from the left menu. scim entra provisioning
  2. Click Connect your application. scim entra create configuration
  3. Enter the following details and click Test connection: scim entra test connection
    • Tenant URL: https://scim.rowzero.io/scim/v2
    • Secret Token: Enter the token provided by Row Zero.
    • If successful, you’ll see a confirmation message.
  4. Click Create to save the settings.

Step 4: Start Provisioning

From the Row Zero Enterprise Application, in the Overview tab in the left panel, click Start provisioning.

Once enabled, assigned users and groups will sync into Row Zero automatically on the Microsoft Entra provisioning schedule.

Notes

  • Provisioning typically runs every 40 minutes by default.
  • You can also use Provision on demand in the Provisioning blade to trigger a manual sync. scim entra test connection
  • For seamless access, ensure the same users/groups are also assigned to your Row Zero SSO application (if SSO is configured). Note that SSO gates access to the Row Zero application for your enterprise while SCIM enables typeahead to easily share / restrict workbooks with your company's defined users and groups.