Genesys Cloud - Main

We are currently configuring a SCIM provisioning integration between Microsoft Entra ID (Azure AD) and Genesys Cloud.

Azure provides two authentication methods for configuring SCIM provisioning with Genesys Cloud:

1. Bearer Authentication
2. OAuth 2.0 Client Credentials Grant

We were able to successfully configure SCIM provisioning using the Bearer Authentication method with the supported user attributes. In this approach, we configured the Tenant URL and Secret Token generated via Postman, in accordance with the Genesys documentation: Configure Microsoft Entra ID for Genesys Cloud SCIM (Identity Management) View summary - Genesys Cloud Resource Center

Although the SCIM integration and attribute mapping between Azure and Genesys Cloud are initially successful, we are encountering an issue when the bearer token expires. Once the token expires, user synchronization between Azure and Genesys Cloud stops, requiring manual regeneration and reconfiguration of the token.

To address this limitation, we attempted to implement the second authentication option available in Azure: OAuth 2.0 Client Credentials Grant. For this method, the following values were provided in Azure:

• Tenant URL:
  https://api.usw2.pure.cloud/api/v2/scim/v2
• Token Endpoint:
  https://login.usw2.pure.cloud/oauth/token
• Client Identifier
• Client Secret

However, when testing the connection in Azure using this method, the configuration fails with the following error:

Error Code: CredentialValidationUnavailable

At this stage, we are seeking guidance on the correct configuration for OAuth 2.0–based SCIM provisioning with Genesys Cloud, or clarification on whether OAuth 2.0 client credentials are currently supported for SCIM provisioning from Microsoft Entra ID.

We are currently configuring a SCIM provisioning integration between Microsoft Entra ID (Azure AD) and Genesys Cloud.

Azure provides two authentication methods for configuring SCIM provisioning with Genesys Cloud:

1. Bearer Authentication
2. OAuth 2.0 Client Credentials Grant

We were able to successfully configure SCIM provisioning using the Bearer Authentication method with the supported user attributes. In this approach, we configured the Tenant URL and Secret Token generated via Postman, in accordance with the Genesys documentation: Configure Microsoft Entra ID for Genesys Cloud SCIM (Identity Management) View summary - Genesys Cloud Resource Center

Although the SCIM integration and attribute mapping between Azure and Genesys Cloud are initially successful, we are encountering an issue when the bearer token expires. Once the token expires, user synchronization between Azure and Genesys Cloud stops, requiring manual regeneration and reconfiguration of the token.

To address this limitation, we attempted to implement the second authentication option available in Azure: OAuth 2.0 Client Credentials Grant. For this method, the following values were provided in Azure:

• Tenant URL:
  https://api.usw2.pure.cloud/api/v2/scim/v2
• Token Endpoint:
  https://login.usw2.pure.cloud/oauth/token
• Client Identifier
• Client Secret

However, when testing the connection in Azure using this method, the configuration fails with the following error:

Error Code: CredentialValidationUnavailable

At this stage, we are seeking guidance on the correct configuration for OAuth 2.0–based SCIM provisioning with Genesys Cloud, or clarification on whether OAuth 2.0 client credentials are currently supported for SCIM provisioning from Microsoft Entra ID.