Best approach for integrating HR REST API with Entra ID API-Driven Provisioning in a hybrid environment?
ey everyone,
I’m working on a relatively small hybrid environment (~300 users) with on-prem AD + Entra ID.
Recently, I managed to set up an API-Driven Provisioning flow for the on-prem AD, and I already validated user creation through MS Graph successfully provisioning all the way down to the local AD.
Now I’m looking to evolve this into a more automated setup by periodically querying the HR authoritative source, which currently exposes the data through a REST API.
My main question is really around architecture/best practices:
what would be the best way to handle this periodic integration between the HR API and Entra ID?
My first idea was to build something in Python that consumes the HR REST API and sends the data to Entra/API-Driven Provisioning, but that would require maintaining a scheduled job running on-premises (Windows Task Scheduler, container, service, etc.).
I’d like to understand how you usually implement this kind of scenario in hybrid environments.
The main goal is to keep the solution simple, reliable, and easy to maintain over time.
If anyone has implemented something similar, especially using API-Driven Provisioning, I’d really appreciate hearing your experience or recommendations.