SCIM Setup in Azure AD

This document shows how to synchronize users' information from the Azure AD identity provider to the platform. Please make sure to set up the mandatory settings from the ‘SCIM Integration’ page before following the below steps:

Add New Enterprise Application

Step 1. Login

Log in to https://portal.azure.com/ as an Azure Admin.

Step 2. Add new Enterprise Application

  1. Click on Microsoft Entra ID.

  2. Click on +Add at the top left hand side.

  3. On the drop down select Enterprise Application.

  4. Click on +Create your own application.

Step 3: Create your own application

  1. Enter a name for the application.

  2. Select ‘Integrate any other application you don't find in the gallery (Non-gallery)’ option.

  3. Click the Create button to create the application.

Provisioning Settings

  1. Select the ‘Provisioning’ menu from the left side.

  2. Click the ‘New Configuration’ button and then enter the following information.

Tenant URL: https://scim-api.keepnetlabs.com/scim

Secret Token: Enter the token which was created on the Keepnet platform.

  1. Click the ‘Test Connection’ button to test your configuration. If it’s successful, click the Save button to save settings.

Synchronize Users and Groups

When synchronizing users, customers have 2 options:

  • Synchronize all users in Entra-ID

  • Synchronize only assigned users and groups

Synchronize all users and groups in your Entra-ID

  1. Within the provisioning section, use the Settings drop down

  2. You will notice it defaults to 'Synchronize only assigned users and groups'

  3. Click on 'Synchronize all users and groups'

  4. Save

Synchronize only assigned users and groups

  1. Click on Users and Groups in the left hand menu under Manage

  2. Click on 'Add users/groups'

  3. Click on 'None Selected' on the left hand side

  4. On the right, you will see a list of your users and groups populate

  5. Most customers find it useful to use Groups - if you select a Group, any new members of this group will automatically be added to Keepnet

  6. Click Select then Assign on the bottom of the page

Start Provisioning

The final step is to start provisioning. Simply go to Overview on the left hand menu and select Start Provisioning on the top of the page.

Your users will sync from Microsoft to Keepnet every 40 minutes, ensuring any new employees who belong to one of your assigned groups is automatically added to Keepnet

You can see target users on the platform approximately in a few minutes. The Azure AD rechecks the application for new users, changes or deleted users every 40 minutes.

You have now added your first Target Users. Now you need to ensure they are able to receive emails from Keepnet successfully ➡️

Tutorial Video

This video tutorial shows the documentation steps for synchronizing users' information from the Azure AD identity provider to the platform.

A

Last updated

Was this helpful?