Frontrow Technology
← Wiki

Glossary

What is SCIM — automated user provisioning explained

System for Cross-domain Identity Management (SCIM) is a standard REST API enabling automated user provisioning, deprovisioning, and modification across different cloud applications, streamlining identity management.

Last reviewed 3 July 2026

What SCIM does

SCIM defines a standard protocol for managing identities across various SaaS applications. It allows organisations to automate the process of creating, updating, and deleting user accounts and groups, ensuring consistency and reducing manual effort. Microsoft Entra application provisioning runs on SCIM under the hood. Scoping filters within SCIM implementations allow for granular control over which users and groups are synchronised, enhancing security and efficiency.

SCIM in Australian tenants today

In the AU mid-market, SCIM is increasingly critical for managing the joiner-mover-leaver lifecycle, particularly to address deprovisioning gaps. Incomplete or delayed deprovisioning can lead to unauthorised access and potential data breaches, triggering obligations under the Notifiable Data Breaches scheme and potentially attracting scrutiny from the OAIC. Implementing SCIM helps automate this process, reducing the risk of leaving former employees with access. APRA CPS 234 and CPS 230 both expect access to be removed promptly when roles change, which in practice means automated provisioning and deprovisioning through SCIM.

Want Frontrow to walk this through with your team?

30 minutes. No deck. A senior Frontrow consultant walks through your tenant, your priorities, and the next sensible move.