SSO SCIM Synchronization with Entra ID

This document is about SSO SCIM synchronization with Azure Active Directory.

Step 1 - Login to azure

Login to the admin azure panel from here: https://portal.azure.com/#home , and click the Enterprise applications.

alt

Step 2 - Enterprise applications

From the All appliacations menu, click to the New application .

alt

Step 3 - Create your own new application

Click on the Create your own application.

alt

Step 4 - Configure your own new application

Fill fields of opened from as:

  • What’s the name of your app?
    • IDmelon
  • What are you looking to do with your application?
    • Integrate any other application you don’t find in the gallery (Non-gallery)

And then Click Create button.

alt

Step 5 - Provisioning

In the opened page, click the Get started of the Provision User Accounts section.

alt

Step 6- Provisioning

And then in the next page, click the Get started from main again.

alt

Step 7 - Update credentials

And then in the next page, fill fields of opened from as:

  • Provisioning mode
    • Authomatic

And in the Admin Credentials section:

  • Tenant URL

    • https://sso.idmelon.com/api/scim/v2/

  • Secret Token

    • PASTE THIS VALUE FROM IDMELON PANEL

And click Test connection to check the connection to IDmelon is successful.

Then click Save.

alt

Step 7 - Update Settings

Based on your situation, change the Scope to Sync all users and groups

alt

Step 8 - User Attribute mapping

Expand the Mapping section and click on Provision Microsoft Entra ID Users

alt

Step 9 - User attribute mapping - advance options

In the Attribute Mappings section, check the Show advanced options option, and then click on the Edit attribute list for customappsso:

alt

Add a new immutableId field based as picture and below table and then click the Save.

alt

NameType
urn:ietf:params:scim:schemas:extension:IDmelon:2.0:User:immutable_idString

Step 10 - User attribute mapping

Back to the Attribute Mappings section, and from the default list, apply these two changes and then click the Save.

  • Change the objectId field by clicking on the Edit button.
  • Add immutableId field by clicking the Add New Mapping.
customappsso AttributeMicrosoft Entra ID AttributeMatching precedence
objectIdexternalId
immutableIdurn:ietf:params:scim:schemas:extension:IDmelon:2.0:User:immutable_id

alt alt alt alt

Step 11 - Group Attribute mapping

Expand the Mapping section and click on Provision Microsoft Entra ID Group

alt

Step 12 - Group attribute mapping - advance options

In the Attribute Mappings section, check the Show advanced options option, and then click on the Edit attribute list for customappsso:

alt

Add a new description field based as picture and below table and then click the Save.

alt

NameType
descriptionString

Step 13 - Group attribute mapping

Back to the Attribute Mappings section, and from the default list, apply this change and then click the Save.

  • Add description field by clicking the Add New Mapping.
customappsso AttributeMicrosoft Entra ID AttributeMatching precedence
descriptiondescription

alt alt alt

Edit this page on GitHub
×