Managing User Groups with User Provisioning

With user provisioning, you can manage user groups in Microsoft Entra ID. Entra ID pushes the users to M-Files.

User provisioning lets you do these operations:

  • Automatically create users (login accounts) to the subscription.
  • Easily link an Entra ID user group to many vaults.
  • Automatically create vault users.
  • Automatically update the subscription's user groups and vault users when users group members are added or removed in Entra ID.
  • Automatically disable the subscription's users that are deleted in Entra ID.
  • Make sure that user information in M-Files is always consistent with user information in Entra ID.
    • For example, if a user's name and email are changed in Entra ID, the changes are synchronized to M-Files.
  • Manage M-Files licenses at the user group level.

Provisioning with Entra ID uses the SCIM protocol. SCIM is a standardized HTTP-based protocol (RFC 7644) designed to manage identities in multi-domain scenarios. For more information on SCIM, refer to Synchronizing Users from Microsoft Entra ID to M-Files with SCIM.

To set up user provisioning, see Configuring User Provisioning with Microsoft Entra ID. When the user provisioning is in use, you can change the license type for the whole user group. This lets you implement, for example, role-based access rights. For instructions on how to change the license type for a user group, see Changing the License Type for User Groups.
Note: The Subscription admin role is necessary to manage user groups in M-Files Manage.