Dec 23, 2022 at 01:00 PM

IAS / IPS Realtime Provisioning

Hello Identity specialists,

I have a scenario where I would like to provision users from MS-Azure AD via SCIM to IAS, and then, using IPS, from IAS to backend ABAP OnPrem S/4 and other NW systems.

In this scenario,

1. To protect all users who have been removed / deleted from MS-Azure AD (or from the app registration), so that the backend users are "locked" and not deleted (including IAS).

2. If Azure AD disables the users, then also lock the users in the backend system (including IAS).

Why this scenario

If we are using the IAS / IPS scenario to, say, provision to SAC, then deleting users is "bad", as, for example, the models/stories owned by the user become cumbersome to manage or may not be retrievable. Similarly, for audit, deleting backend users is also not good. Hence I am looking for experts to guide me on how to set / convert the delete switch to a lock switch.

I welcome any solutions.

Regards

Sumit