Synchronize Users and Groups with Microsoft Entra ID

Synchronizing Users and User Groups from Entra ID is best way to ensure user groups can be properly leveraged in Universal ZTNA policies. There are two methods to synchronize users with Universal ZTNA:
  1. Just in Time (JIT) Synchronization – this method has Universal ZTNA reach into Entra ID and pull users and user groups on a polled basis. This method leverages the Secure Application Access OIDC Application to integrate with Entra ID APIs.
  2. System for Cross-Domain Identity Management (SCIM) Synchronization – this method had Microsoft Entra ID push users and user groups from Entra ID into Universal ZTNA. This method requires an enterprise application to be set up in Entra ID so that automatic provisioning can be enabled.
9039102-00 Rev AA