Provisioning
User accounts are often managed in a central directory, such as LDAP or Microsoft Entra ID (formerly Azure AD). Provisioning ensures that user data is automatically synchronized from the external directory to TrustBuilder.
This synchronization is one-way: when users are created, updated, or deleted in the external directory, the changes are reflected in TrustBuilder. The external directory is the source directory.
There are currently two supported provisioning methods:
IWDS: a TrustBuilder legacy solution for synchronizing users from an on-premises Active Directory to TrustBuilder MFA. Still supported, but not based on standard protocols.
SCIM: A modern open-standard protocol that supports synchronization from cloud-based directories like Entra ID.
IWDS and SCIM should not be used together.
Both use the same provisioning_id
in TrustBuilder → one source can overwrite the other. Use only one sync method per environment.
Refer to the following pages for configuration details: