Hello there!

Need Help? We are right here!

miniOrange Email Support
success

Thanks for your Enquiry.

If you don't hear from us within 24 hours, please feel free to send a follow-up email to info@xecurify.com

Search Results:

×

Configure SCIM provisioning using Microsoft Azure Active Directory


This guide describes how to set up user sync SCIM provisioning using Azure Active Directory.

User sync with SCIM Provisioning with Azure AD saves time when setting up new users and teams and helps you manage and gain access through user lifecycle management. miniOrange's SCIM provisioning can help you create, read, and update user accounts for new or existing users, remove accounts for deactivated users, and synchronize attributes across multiple user stores via Azure AD.

Follow the steps given below to configure User Sync SCIM provisioning using Azure AD with miniOrange.


Connect with External Source of Users


miniOrange provides user authentication from various external sources, which can be Directories (like ADFS, Microsoft Active Directory, Azure AD, OpenLDAP, Google, AWS Cognito etc), Identity Providers (like Shibboleth, Ping, Okta, OneLogin, KeyCloak), Databases (like MySQL, Maria DB, PostgreSQL) and many more.



Follow the step-by-step guide given below for Provisioning using Azure AD

Prerequisites

  • User must have an Admin account on miniOrange
  • They should have a user license.

1. Configure SCIM Client for Azure AD in miniOrange

  • Login to miniOrange dashboard.
  • Go to Apps section
  • User SCIM Provisioning with Azure AD

  • Go to Apps > Add Application button.
  • SCIM Provisioning with Azure AD: Add Application

  • Select Provisioning >> Scim Client (source).
  • Select Provisioning for SCIM Client

  • Add the Custom Application Name
  • Copy the Scim Base URL and Bearer Token and save it for further configuration.
  • Add app name and copy SCIM credential URL

  • Configure the attributes mappings and toggle on/off Enable Provisioning Features based on your requirements.
  • SCIM Provisioning with Azure AD: Configure attribute mapping

  • SCIM base URL and Bearer Token can also be retrieved later by editing the app.
  • If the provisioning feature “Delete the Deactivated users” is enabled then the unassigned/deleted users in source will be deprovisioned otherwise they will be disabled.
  • Save the app.

2. Configure provisioning in Azure AD

  • Sign in to the Azure Active Directory portal using your Microsoft identity platform administrator account.
  • Add an unlisted (non-gallery) application to your Azure AD organization.
    1. Search for Enterprise Application.
    2. Select Enterprise Applications > New application.
    3. Select Create your own application.
    4. Under What are you looking to do with your application? choose to Integrate any other application you don't find in the gallery .
    SCIM Provisioning with Azure AD: Add unlisted application to Azure AD organization

  • Configure Provisioning
    1. Open the created app
    2. Configure User SCIM Provisioning with Azure AD

    3. Select Provisioning to open the provisioning panel for editing.
    4. SCIM Provisioning with Azure AD: Select Provisioning

    5. Change provisioning mode from manual to automatic.
    6. Enter the SCIM Base URL into the Tenant URL and Bearer Token to Secret Token that we have saved earlier. Alternatively, you can also get SCIM Base URL and Bearer Token by editing the app you created during miniOrange app creation.
    7. Click on test connection.
    8. If test connection is successful save your configurations.
    User SCIM Provisioning with Azure AD: successful and save the configurations

  • Provisioning Users
    1. Go to Assign users and group and assign the user you want to provision.
    2. Sync User SCIM Provisioning with Azure AD: Assign User and Group

    3. If you already have some users then go or else create some users first then continue.
  • Start Provisioning
    1. Go to provisioning tab.
    2. Click on Start provisioning.
    3. If you want to provision your assigned user right now go for Provision on demand.
    SCIM Provisioning with Azure AD: Start Provisioning

  • Provision on demand
    1. Search for the user you want to provision (user must be assigned to the app).
    2. Click on Provision.
    3. User SCIMProvisioning with Azure AD: Click Provisioning

    4. Go to the User list in miniOrange portal, you will be able to find the user already provisioned.


View Provisioning Reports

How to access Provisioning Reports?

  • Navigate to the Reports in the left-hand navigation pane and select Provisioning Report.
  • Provisioning Report

  • Filter the reports by specifying Enduser Identifier and Application Name criteria. Additionally, choose the desired timespan for the reports. Once done, click on the Search.
  • Search Provisioning Report

  • Alternatively, you can directly click on Search to retrieve all provisioning reports based on time without applying any specific filters.


External References

Want To Schedule A Demo?

Request a Demo
  



Our Other Identity & Access Management Products