SCIM with Microsoft Entra ID is currently in closed beta and may not be available to your organization.
SCIM (System for Cross-domain Identity Management) is an open standard that allows you to automate user identity information between identity domains or IT systems and makes it easier to manage user identities across services.
SCIM allows your organization to automatically provision users as soon as they are assigned the Greenhouse Recruiting application in Microsoft Entra ID.
Note: To configure SCIM, your organization needs to already use Single Sign-On (SSO) for Greenhouse Recruiting with the Greenhouse enterprise app as it's listed in Entra ID. If you haven't already set up Single Sign On, or are using a custom app for Greenhouse SSO, update your setup before proceeding with the SCIM configuration.
Enable SCIM and start setup in Entra ID
To set up SCIM, you'll need to turn on a setting and add your Base URL and token to Microsoft Entra ID.
In Greenhouse Recruiting, go to the SCIM Configuration page and select the toggle next to Enable SCIM for Microsoft. (Configure icon > Dev Center > SCIM Configuration)
Note: This link will only appear for Site Admins who can manage and configure SSO and SCIM.
Keep your Greenhouse Recruiting tab open so you have access to the Base URL and token on the page.
In another tab, log into Microsoft Entra ID and create a new app, selecting Greenhouse the list of integrations.
Select Provision User Accounts and start the setup process. Choose Automatic as your Provisioning Mode.
Open the Admin Credentials panel.
Add your Base URL from Greenhouse Recruiting to the Tenant URL field.
Generate a token in Greenhouse and add it to the Secret Token field.
Click Test Connection. Most errors in this step can be fixed by double-checking your credentials in the fields at the top of the page. Once the test is complete, click Save.
Attribute mapping
The Greenhouse Recruiting SCIM configuration uses a custom schema that automatically sends over several user attributes by default.
| Greenhouse Recruiting field | Attribute |
| First name | name.givenName |
| Last name | name.familyName |
| userName | |
| EmployeeID | employeeNumber |
| User status (active or inactive) | active |
User provisioning
After the SCIM configuration is complete, you can assign users in Entra ID to your user group and have their account provisioned by Microsoft Entra ID. Microsoft provisions users every forty minutes, so any changes to user records in your identity provider will be updated in the next sync.
Fields with null values won't be included in user provisioning or update syncs.
Note: If a user currently has an active account in Greenhouse Recruiting, but had previously deactivated Entra ID before setting up SCIM, they won't be automatically updated once SCIM is configured. To update these users, you can provision on-demand in Entra ID.