The Device Hub SCIM API integration supports SCIM version 2.0 and is certified for Azure Active Directory.
About this guide
The SCIM provisioning for Microsoft Azure AD guide is for Azure Active Directory administrators who want to configure user provisioning for Condeco using Condeco SCIM API. It assumes familiarity with Azure AD, basic identity management concepts, and the SCIM standard.
The key steps are provided, however, this is not a comprehensive guide. For utilizing the full potential of SCIM, please refer to the SCIM 2.0 protocol specification http://www.simplecloud.info/#Specification.
Our SCIM integration supports SCIM version 2.0 and is certified for Azure Active Directory.
Prerequisites
The following are required:
- Azure Active Directory
- The following values as provided by Condeco:
- Condeco SCIM API URL
- Condeco SCIM Token provider URL
- SCIM client ID
- SCIM client secret token
- Long-lived SCIM token generated from SCIM Token Provider (up to 10 years).
Learn how to generate a SCIM token
Supported actions
When the SCIM integration between Azure AD and Condeco is ready, the following actions performed from the Azure directory are also be applied to the users in the Condeco Device Hub.
Action in Azure AD |
Notes |
Create users |
Condeco requires a unique username for each user. If the username already exists in the Device Hub, the SCIM User creation is rejected by our SCIM API. |
Delete/Deactivate users |
|
Update user attributes |
Updates to user profiles in Azure AD are pushed to the Device Hub. |
Add a group |
Adding a group creates a corresponding group in the Condeco Device Hub. Any group members (who exist in Condeco) are automatically mapped to the Condeco group. |
Remove a group |
|
Update Groups attributes |
|
Add/remove users to/from a group |
Configuration
Current cycle status
In the Manage navigation menu select Provisioning to view the status of the current or initial incremental cycle. Use the buttons at the top to manually start or stop provisioning, and click View Provision details to check the schedule for the next run.