final updates

deadlypants1973 · deadlypants1973 · commit bd27f5eb005e · 2025-04-17T16:43:08.000+01:00
diff --git a/src/content/docs/cloudflare-one/identity/idp-integration/entra-id.mdx b/src/content/docs/cloudflare-one/identity/idp-integration/entra-id.mdx
@@ -29,14 +29,14 @@ To retrieve those values:
 
 5.  Select **Register an application to integrate with Microsoft Entra ID (App you're developing)**. If offered, do not select any of the gallery applications. Select **Create**.
 
-7.  In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Custom Pages** and find your team name.
-
-      Under **Redirect URI**, select the _Web_ platform and enter the following URL:
+7.  Under **Redirect URI**, select the _Web_ platform and enter the following URL.
 
     ```txt
     https://<your-team-name>.cloudflareaccess.com/cdn-cgi/access/callback
     ```
 
+    In [Zero Trust](https://one.dash.cloudflare.com), go to **Settings** > **Custom Pages** to find your team name.
+
     ![Registering an application in Azure](~/assets/images/cloudflare-one/identity/azure/name-app.png)
 
 8.  Select **Register**.
@@ -99,9 +99,9 @@ More narrow permissions may be used, however this is the set of permissions that
 
 4. Enter the **Application (client) ID**, **Client secret**, and **Directory (tenant) ID** obtained from Microsoft Entra ID.
 
-5. To [test](/cloudflare-one/identity/idp-integration/#test-idps-in-zero-trust) that your connection is working, select **Test**.
+5. Select **Save**.
 
-6. Select **Save**.
+6. To [test](/cloudflare-one/identity/idp-integration/#test-idps-in-zero-trust) that your connection is working, select **Test**.
 
 7. (Optional) Configure the following settings:
 
@@ -198,17 +198,15 @@ SCIM requires a separate enterprise application from the one created during [ini
 
 3. Name your application (for example, `Cloudflare Access SCIM`).
 
-4. Select **Integrate any other application you don't find in the gallery (Non-gallery)**. If offered, do not select any of the gallery applications.
+4. Select **Integrate any other application you don't find in the gallery (Non-gallery)**. If offered, do not select any of the gallery applications. Select **Create**.
 
-(check this part with Tim)
-
-5. Select **New configuration**.
+5. After you have created the application, go to **Provisioning** > select **New Configuration**.
 
 6. In the **Tenant URL** field, enter the **SCIM Endpoint** obtained from your Entra ID integration in Zero Trust [in the previous step](/cloudflare-one/identity/idp-integration/entra-id/#1-enable-scim-in-zero-trust).
 
 7. In the **Secret token** field, enter the **SCIM Secret** obtained from your Entra ID integration in Zero Trust [in the previous step](/cloudflare-one/identity/idp-integration/entra-id/#1-enable-scim-in-zero-trust).
 
-8. Select **Test Connection** to ensure that the credentials were entered correctly.
+8. Select **Test Connection** to ensure that the credentials were entered correctly. If the test fails, go to your Entra ID integration in Zero Trust, select **Regenerate Secret**, select **Save**, and enter your new **SCIM Secret** in the **Secret token** field.
 
 9. Select **Create**.
 
@@ -224,10 +222,12 @@ SCIM requires a separate enterprise application from the one created during [ini
 
 13. On the **Overview** page in Entra ID, you will see the synchronization status.
 
-To check which users and groups were synchronized, select **View provisioning logs**.
+To check which users and groups were synchronized, select **Provisioning logs**.
 
 <Render file="access/verify-scim-provisioning" />
 
+To monitor the exchange of identity details between Access and Microsoft Entra ID in the [SCIM activity logs](/cloudflare-one/insights/logs/scim-logs/), go to **Logs** in Zero Trust and select **SCIM provisioning**.
+
 ### Provisioning attributes
 
 Provisioning attributes define the user properties that Entra ID will synchronize with Cloudflare Access. To modify your provisioning attributes, go to the **Attribute mapping** and select **Provision Microsoft Entra ID Users**.
@@ -257,7 +257,7 @@ You can create Access and Gateway policies for groups that are not synchronized
 
 1. Make sure you enable **Support groups** as you set up Microsoft Entra ID in Zero Trust.
 
-2. On your Azure dashboard, note the `Object Id` for the Entra group. In the example below, the group named Admins has an ID of `61503835-b6fe-4630-af88-de551dd59a2`.
+2. In your Microsoft Entra dashboard, note the `Object Id` for the Entra group. In the example below, the group named Admins has an ID of `61503835-b6fe-4630-af88-de551dd59a2`.
 
    ![Viewing the Azure group ID on the Azure dashboard](~/assets/images/cloudflare-one/identity/azure/object-id.png)
 
diff --git a/src/content/partials/cloudflare-one/access/enable-scim-on-dashboard.mdx b/src/content/partials/cloudflare-one/access/enable-scim-on-dashboard.mdx
@@ -21,8 +21,8 @@ import { Markdown } from "~/components"
 	- _Group membership change reauthentication_: [Revoke a user's active session](/cloudflare-one/identity/users/session-management/#per-user) when their group membership changes in {props.idp}. This will invalidate all active Access sessions and prompt for reauthentication for any [WARP session policies](/cloudflare-one/connections/connect-devices/warp/configure-warp/warp-sessions/). Access will read the user's updated group membership when they reauthenticate.
 	- _No action_: Update the user's identity the next time they reauthenticate to Access or WARP.
 
-5. Select **Save**.
+5. Select **Regenerate Secret**. Copy the **SCIM Endpoint** and **SCIM Secret**. You will need to enter these values into {props.idp}.
 
-6. Copy the **SCIM Endpoint** and **SCIM Secret**. You will need to enter these values into {props.idp}.
+6. Select **Save**.
 
 The SCIM secret never expires, but you can manually regenerate the secret at any time.
