SSO SCIM Synchronization with Entra ID
This document is about SSO SCIM synchronization with Azure Active Directory.
Step 1 - Login to azure
Login to the admin azure panel from here: https://portal.azure.com/#home ,
and click the Enterprise applications
.
Step 2 - Enterprise applications
From the All appliacations
menu, click to the New application
.
Step 3 - Create your own new application
Click on the Create your own application
.
Step 4 - Configure your own new application
Fill fields of opened from as:
- What’s the name of your app?
- IDmelon
- What are you looking to do with your application?
- Integrate any other application you don’t find in the gallery (Non-gallery)
And then Click Create
button.
Step 5 - Provisioning
In the opened page, click the Get started
of the Provision User Accounts
section.
Step 6- Provisioning
And then in the next page, click the Get started
from main again.
Step 7 - Update credentials
And then in the next page, fill fields of opened from as:
- Provisioning mode
- Authomatic
And in the Admin Credentials
section:
Tenant URL
- https://sso.idmelon.com/api/scim/v2/
Secret Token
- PASTE THIS VALUE FROM IDMELON PANEL
And click Test connection
to check the connection to IDmelon
is successful.
Then click Save
.
Step 7 - Update Settings
Based on your situation, change the Scope to Sync all users and groups
Step 8 - User Attribute mapping
Expand the Mapping
section and click on Provision Microsoft Entra ID Users
Step 9 - User attribute mapping - advance options
In the Attribute Mappings
section, check the Show advanced options
option,
and then click on the Edit attribute list for customappsso
:
Add a new immutableId
field based as picture and below table and then click the Save
.
Name | Type |
---|---|
urn:ietf:params:scim:schemas:extension:IDmelon:2.0:User:immutable_id | String |
Step 10 - User attribute mapping
Back to the Attribute Mappings
section, and from the default list, apply these two changes and then click the Save
.
- Change the
objectId
field by clicking on theEdit
button. - Add
immutableId
field by clicking theAdd New Mapping
.
customappsso Attribute | Microsoft Entra ID Attribute | Matching precedence |
---|---|---|
objectId | externalId | |
immutableId | urn:ietf:params:scim:schemas:extension:IDmelon:2.0:User:immutable_id |
Step 11 - Group Attribute mapping
Expand the Mapping
section and click on Provision Microsoft Entra ID Group
Step 12 - Group attribute mapping - advance options
In the Attribute Mappings
section, check the Show advanced options
option,
and then click on the Edit attribute list for customappsso
:
Add a new description
field based as picture and below table and then click the Save
.
Name | Type |
---|---|
description | String |
Step 13 - Group attribute mapping
Back to the Attribute Mappings
section, and from the default list, apply this change and then click the Save
.
- Add
description
field by clicking theAdd New Mapping
.
customappsso Attribute | Microsoft Entra ID Attribute | Matching precedence |
---|---|---|
description | description |