Skip to contentSkip to navigationSkip to topbar
Page toolsOn this page
Looking for more inspiration?Visit the

Microsoft Entra ID SCIM integration


This guide explains how to configure user synchronization from Microsoft Entra ID to Twilio using SCIM provisioning with the OAuth 2.0 client credentials grant type. This integration works with custom (non-gallery) applications in Entra ID.


Step 1: Create an OAuth 2.0 Client Credential App in the Twilio Console

step-1-create-an-oauth-20-client-credential-app-in-the-twilio-console page anchor

Before configuring Entra ID, you must generate a secure Client ID and Client Secret from your Twilio Console to authorize the SCIM sync operations.

Twilio ConsoleLegacy Console
  1. Log in to Twilio Console(link takes you to an external page) and navigate to Settings > Organization settings > Organization API access(link takes you to an external page).
  2. Click Create OAuth application.
  3. Select grant type as Client credentials.
  4. Enter the Application name and Application description.
  5. On the Scopes & permissions step, check all the managed-users permissions.
  6. On the Copy secret page, copy the credentials and store them somewhere secure.
  7. Select the Got it! checkbox and click Finish.

Step 3: Configure the SCIM provisioning engine

step-3-configure-the-scim-provisioning-engine page anchor
  1. Select your application created in Step 2 and go to Provisioning from the left navigation menu.
  2. Click on Provisioning again on the left navigation under manage (new experience) or click Get started (legacy experience).
  3. Change the Provisioning Mode from Manual to Automatic.
  4. Expand the Admin Credentials section.
  5. In the Authentication Method dropdown, select OAuth2 client credentials grant.
  6. Complete the following configuration fields:
    • Tenant URL: https://iam.twilio.com/scim/v2
    • OAuth token endpoint: https://oauth.twilio.com/v2/token
    • Client identifier: Enter the Client ID copied from Step 1.
    • Client Secret: Enter the Client Secret copied from Step 1.
  7. Click Test Connection. Entra ID will attempt to retrieve an OAuth token from your Token Endpoint and then verify SCIM engine access via the Tenant URL.
  8. Once the test succeeds, click Save at the top.

Step 4: Finalize mappings and start syncing

step-4-finalize-mappings-and-start-syncing page anchor

Once the connection test in Step 3 succeeds:

  1. In the Entra Portal, expand the Mappings section under the Provisioning tab.
  2. Review the attribute mappings for Provision Microsoft Entra ID Users.
  3. Disable Provision Microsoft Entra ID Groups as we don't support SCIM groups right now.
  4. Navigate to Users and Groups from the left-hand navigation in your Enterprise Application and assign a few test users.
  5. Go back to the Provisioning > Overview dashboard and click Start provisioning to begin the automated synchronization cycle.