About this article
The purpose of this article is to guide you through the setup of SCIM with Azure AD. If you're looking for more general information about SCIM and what it is, please go to our other article: What is SCIM and how does Templafy use it?
Steps explained below are needed actions from Templafy/Implementation partners:
- Go to yourtenant.templafy.com in a browser and click Administration
- Navigate to Authentication Method in admin interface and create a new method.
- Save the new authentication method and now you will see a field called SCIM API Key. Generate a new one and then copy it.
- Send SCIM key to client IT
- Go to your Azure Portal and sign in (Important: make sure you are in the correct directory!)
- Navigate to Azure Active Directory on the left hand side
- Navigate to Enterprise Applications > All applications > New application
- SCIM isn't supported from the same Enterprise Application. So if you are already using AzureAD (OpenID) as authentication for Templafy, you would need to create/ add a new Enterprise Application designated for SCIM.
- Search for Templafy in the Gallery and click add to choose the highlighted (Templafy SAML2) application
- Select the Provisioning tab
- Set the Provisioning Mode to Automatic.
- Under the Admin Credentials section, input
https://scim.templafy.com/scimin Tenant URL. Input the SCIM API Key value retrieved earlier in Secret Token. Click Test Connection to ensure Azure AD can connect to Templafy. If the connection fails, ensure your Templafy account has Admin permissions and try again.
- In the Notification Email field, enter the email address of a person or group who should receive the provisioning error notifications and check the checkbox - Send an email notification when a failure occurs.
- Click Save
- Under the Mappings section, select Synchronize Azure Active Directory Groups to Templafy.
- Review the group attributes that are synchronized from Azure AD to Templafy in the Attribute Mapping section. The attributes selected as Matching properties are used to match the groups in Templafy for update operations. Select the Save button to commit any changes.
- To configure scoping filters, refer to the following instructions provided here
- To enable the Azure AD provisioning service for Templafy, change the Provisioning Status to On in the Settings section.
- Define the users and/or groups that you would like to provision to Templafy by choosing the desired values in Scope in the Settings section.
- When you are ready to provision, click Save.
- If you decide to Sync only assigned users and groups. Please navigate back to Users and Groups section of the App to add relevant users and/ or groups