Connection for user synchronization

This chapter describes how to create a connection between Sofa and your company, whose Tenant ID we learned in the previous chapter, so that it is possible to synchronize users.

Synchronizing on organization’s users with Sofa is possible using two methods: SCIM and Entra ID.

  • For SCIM, Sofa does not need permissions to read the whole record on organization’s users in Entra ID. If you do not want your organization to give Sofa the permissions to read all users (that is, including those who are not supposed to use Sofa), we recommend using SCIM.

  • If you do not need this distinction, you might prefer connection using Entra ID (Azure AD), because it is simpler. It does not require configuration in two places (creating a connection in Sofa and additionally a SCIM application on the company’s organization.
    The steps are described in chapter Connection and synchronization using Entra ID.

There is also a difference in the direction of contact between the organization and the Sofa app during user synchronization.

  • When synchronizing using Entra ID, Sofa contacts the organization in Entra in regular intervals.

  • When synchronizing using SCIM, the organization in Entra contacts the Sofa app. Sofa then provides all the needed services including user management.