What is HR driven provisioning?
HR driven provisioning is the automated creation of digital identities (for example Active Directory user accounts) based on a human resources (HR) system.
HR systems are typically well-curated, holding the most accurate data an organization has about their employees. As a result they are often used as a reliable ‘source of truth’ on which to base automated provisioning of directories and other systems needing identity data (which they may use for authorization and authentication decisions, or less critical administrative purposes).
The term “HR driven” is often used as shorthand to refer to any source of truth, like a student enrolment system, or a temporary staff database.
The term “provisioning” is often used as shorthand for the entire joiner/mover/leaver lifecycle of an employee (or other identity) – so it covers the ongoing maintenance of the identities, and deprovisioning, too.
HR driven provisioning can be either on-premises based or cloud-based. In the Microsoft world, Azure AD can be configured to connect to some cloud-based HR systems (notably Workday and Success Factors), while Microsoft Identity Manager has been – for almost two decades – the workhorse that connects to just about any HR system and uses it to provision AD, which in turn can be used to provision Azure AD using Azure AD Connect.