探花大神

Contact Us
Help Center Home > Apps and Integrations > Configure Real-time SCIM User Provisioning from Entra ID

Configure Real-time SCIM User Provisioning from Entra ID

Streamline lifecycle management for your organization by connecting Entra ID with 探花大神 through a real-time user import SCIM integration. This integration lets you manage your organization鈥檚 user identities in Entra ID, and easily connect users to all of the IT resources they need through 探花大神. After you connect Entra ID with 探花大神 through our SCIM server, depending on the integration settings you choose, users are seamlessly created, updated, and deleted in 探花大神 according to the actions you take on users in Entra ID.

Note:

Your organization can now also enable RADIUS access with user's Entra ID credentials. See RADIUS Configuration and Authentication.

Prerequisites

  • A 探花大神 Administrator API key

Considerations

  • The must be added to the Tenant URL for user updates and deprovisioning to be supported.
    • Only new users will be created if this flag is not added
  • Real-time Group import isn鈥檛 currently supported
  • If a user is inactive in the source application, the user will not be created in 探花大神. If you would like the user to exist in 探花大神, you must create the user manually

Attribute Considerations

  • The manager attribute isn鈥檛 supported

Integrating Entra ID with the 探花大神 SCIM Server

  1. Log in your . 
  2. Click on Enterprise applications to create a custom app. 
  3. Click New application > Create your own application.

Note:

探花大神 isn鈥檛 in the Entra application Gallery. 

  1. Under What鈥檚 the name of your app? Enter a name to distinguish the 探花大神 integration.
  2. Next, answer the question, What are you looking to do with your application? with the multiple choice answer, Integrate any other application you don鈥檛 find in the gallery (Non-gallery). Click Create
  3. Now, you can see your application dashboard. In the left navigation menu, click on Single sign-on.

Note:

探花大神 doesn鈥檛 have SAML access, so select from the options Disabled or Password-based

  1. If you select the Password-based option, the Sign-on URL needs to be provided. Copy/Paste the 探花大神 user console URL link into the designated field and click Save
  2. In the left navigation menu, click Provisioning.
  3. Under the Provisioning Mode dropdown menu, select Automatic. This will power the real-time sync using the SCIM server. 
  4. Under Admin Credentials, there are two fields required to connect the real-time 探花大神 import鈥檚 API and synchronize your user data.
    • Tenant URL: For 探花大神, this is a SCIM-based URL: https://api.jumpcloud.com/scim/v2/?aadOptscim062020
    • Secret Token: A 探花大神 API key should be used to authorize this integration. The API key in 探花大神 is associated with an admin account. Use an admin account that has a role of Admin with Billing, Administrator, or Manager that will be a long lived admin account for your organization. See Generating a New API Key.
  5. Click Test Connection. You will receive a notification that the authorization was successful. Click Save.
  6. Under Mappings, click on Provision Microsoft Entra ID (formerly Active Directory) Groups. The default option will be enabled to Yes.

Note:

探花大神 doesn鈥檛 currently support the real-time import of Groups just yet, so this option needs to be toggled to No, then click Save. You will be prompted to confirm you want to save your changes, click Yes

  1. Now, go back to the Provisioning dashboard > Mappings section and click on the next option, Provision Microsoft Entra ID (formerly Active Directory) Users. Leave this option enabled to Yes
  2. Under Target Object Actions, there are three available capabilities; CreateUpdate and Delete. You can choose which options you鈥檇 like.

Important:

For Attribute Mappings, not all of the Entra ID attributes are available or supported within 探花大神. Any unsupported attributes that are left enabled in Entra ID can cause the provisioning to fail.

  1. Click on an attribute to edit it. The attribute mapped to userName needs to be adjusted to satisfy 探花大神鈥檚 attribute validation. We suggest userPrincipalName, the default mapping, be edited to adjust the source attribute to mailNickname, this is typically the first.lastname. Click Ok.
  2. The attribute, mail needs to be edited to adjust the source attribute to userPrincipalName. The primary email in 探花大神 is the work email which serves as the userPrincipalName in Entra. 
  3. From here, you can delete any attributes that you don鈥檛 want mapped. Take a look at the Attribute Mappings table below to see which attributes 探花大神 sends to Entra because not all attributes are supported. 
  4. Once the Attribute Mappings are set, click Save. You will be prompted to confirm you want to save your changes, click Yes
  5. Now, go back to the Provisioning dashboard > Settings section. There are options to Send email notifications if failures occur, in addition to Scope, which allows you to choose if you want to Sync all users and groups or only assigned users and groups
  6. Leave the Provisioning Status toggled On
  7. If any changes were made, click Save.
  8. Go back to the main dashboard > left navigation menu, click on Users and groups to assign users to the app. 
  9. Click Add user/group > Users > None Selected to select Users to add. Search for the users you want to add and click Select, then Assign.

Tip:

It takes ~40 minutes for users to be provisioned to 探花大神. If you need to expedite this process, there is an option to Provision on demand.

  • From the Provisioning dashboard, click Provision on demand, search for the user that needs to be added, select them and click Provision. This will push the new user to 探花大神 immediately.
  • Notes:
    • The user is added in a Password Pending status. Entra ID doesn鈥檛 pass the user鈥檚 password to 探花大神.
    • If changes are made to this user within 探花大神, it won鈥檛 be reflected in Entra ID through this integration. 

Note:

We recommend using a name like Real-time 探花大神 Import, or something similar.

探花大神 Supported SCIM Attribute Mappings

The following table lists attributes that the 探花大神 SCIM client will accept from this integration. Learn about 探花大神 Properties and how they work with systemusers in our .

Recommended Entra Attribute Mappings SCIM v2 Mapping 探花大神 Property 探花大神 UI 探花大神 Validation Type
mailNickname userName username required, no special characters, (max length 1024). note: email may not be used as username. Some integrations leverage the email substring for the username string
givenName name.givenName firstname First Name max length 1024 string
surname name.familyName lastname Last Name max length 1024
userPrincipalName emails: value (primary) email Company Email email, required, max length 1024 string
displayName displayName displayName Display Name - string

Switch([IsSoftDeleted], , "False", "True", "True", "False")

 active

!suspended && !passwordExpired

 N/A - boolean
- meta.created N/A N/A - string
- meta.lastModified N/A N/A - string
jobTitle title jobTitle Job Title - string
department

urn:ietf:params:scim:schemas:extension:enterprise:2.0:user:department

 department Department - string
- locale location Location - string
- costCenter costCenter Cost Center - string
- userType employeeType Employee Type - string
- organization company Company - string
employeeID

urn:ietf:params:scim:schemas:extension:enterprise:2.0:user:employeeNumber

 employeeIdentifier Employee ID - string
Back to Top

List IconIn this Article

Notebook IconLearn More

探花大神 SCIM Server Implementation

Authenticate to RADIUS with Entra ID

Still Have Questions?

If you cannot find an answer to your question in our FAQ, you can always contact us.

Submit a Case