Step 1: Create Azure AD SCIM Application
From your Enterprise Application dashboard, select "New Application".
Select "Create your own application" and continue.
Give your application a descriptive name such as Ten Thousand Coffees, and select the "Integrate any other application you don't find in the gallery (Non-gallery)" option, then click "Create".
Step 2: Configure the Azure AD SCIM Admin Credentials
Select "Provisioning" from the "Manage" section found in the navigation menu of the SCIM application.
Click the "Get Started" button.
Select the "Automatic" Provisioning Mode from the dropdown menu.
Copy and paste the endpoint into the "Tenant URL" field. This will be provided to you by Ten Thousand Coffees via a unique setup link.
Copy and paste the Bearer Token into the Secret Token field. This will be provided to you by Ten Thousand Coffees via a unique setup link.
Click "Test Connection" to receive confirmation that your connection has been set up correctly. Then, select "Save" to persist the credentials.
Step 3: Set up and enable attribute mapping
Expand the "Mappings" section
Make sure the group and user attribute mappings are enabled, and are mapping the correct fields.
Make sure that you are mapping "objectId" to "externalId" within the Attribute Mapping section.
Required and recommended profile fields
Start with the required fields, then add recommended fields based on what’s available in AzureAD system. Each additional field improves matching quality and capabilities.
Required
| Field Name | Example | Notes |
|---|---|---|
| First name | Jane | |
| Last name | Doe | |
| jane@10kc.com | ||
| Management Level This is mapped to the Role segment |
Director | Maps to “Role” segment. Example values: Student, Intern, Analyst, Associate, Individual Contributor, Manager, Sr. Manager, Director, Sr. Director, VP, SVP, Executive |
Recommended
| Field Name | Example | Notes |
|---|---|---|
| Job title | Solutions Engineer | |
| Business unit | Consulting | |
| Job function | Engineering | |
| People manager status | Yes | Use only “yes” or “no” |
| Manager email To exclude members from matching with managers |
john@10kc.com |
Optional
| Field Name | Example | Notes |
|---|---|---|
| City, Country, or Office For matching across geographies |
Atlanta | |
| Locale Include this field to specify which members require other languages. English is the default language. |
en-US | Use only: en-US, fr-CA, es-ES, ko, ja |
| Status To deactivate and reactivate profiles for employees that go on leave and come back |
active | Use only: active, inactive |
Step 4: Assign People & Groups to Azure AD SCIM Application
In order for your users and groups to be synced to Ten Thousand Coffees you will need to assign them to your Azure AD SCIM Application. Select "Users and groups" from the "Manage" section of the navigation menu.
Select "Add user/group" from the top menu.
Select "None selected" under the "Users and Groups". In the menu, select the users and groups that you want to add to the SCIM application, and click "Select".
Select "Assign" to add the selected users and groups to your SCIM application.
Confirm the "Provisioning Status" is set to "On" and that the "Scope" is set to "Sync only assigned users and groups".
Step 5: Test the SCIM Connection
Ten Thousand Coffees will share testing steps to you via email.
Comments
0 comments
Please sign in to leave a comment.