SCIM Azure

SCIM integration using Azure

Odi avatar
Written by Odi
Updated over a week ago

Features

  • Create Users

  • Update User

  • Attributes

  • Deactivate Users

  • Import Users

  • Import Groups

Adding the enterprise app to your Azure AD

Before starting to configure SCIM you have to add the app into Azure. Unfortunately due to the way Azure works, this CANNOT be done through the official AD Gallery as seen on this screenshot:

Instead you have to go into your Account > Authentication page in Looop and enable 'Microsoft Azure':
โ€‹

You can disable it later if you donโ€™t want azure SSO after you have SCIM configured.

  1. Log out of Looop

  2. Click this button on the Looop login form:

Accept the permission request presented by Microsoft domain and click the checkbox:

You should get back into Looop. Now the enterprise app is added in your Azure AD! ๐ŸŽ‰

SCIM Configuration Instructions

To enable SCIM provisioning, follow these steps:

In Looop application:

1. Log in as organisation administrator

2. Go to Account > Provisioning page:

3. You will find SCIM endpoint URL and a list of access tokens. If your list is empty, create a new one.

4. Copy the token.

On Azure platform:

  1. Find the Looop app, go to 'Assign Users and Groups' blade to configure which users from your AD will have Looop app available to them. Consult with Azure guide in case of any questions, this is not specific to Looop application:

3. After configuring users and groups, return and click 'Get started' under 'Provision User Accounts' section

4. Switch 'Provisioning mode' to automatic 'Admin Credentials' section will become available

5. Fill in Admin Credentials using data provided by the Looop application:

6. Click on 'Test Connection' button, it should show 'Success' notification

7. In 'Mappings' section use default settings

8. Switch 'Provisioning Status' to 'On'

9. If needed, go into 'Edit provisioning' and modify your mappings as needed by your organisation.

10. Done! Azure will now provide data of users assigned to the app to Looop platform and they will be able to sign in via Azure SSO

Configure Looop for automatic user provisioning

The objective of this tutorial is to demonstrate the steps to be performed in Looop and Azure Active Directory (Azure AD) to configure Azure AD to automatically provision and de-provision users and/or groups to Looop.

Note

This tutorial describes a connector built on top of the Azure AD User Provisioning Service. For important details on what this service does, how it works, and frequently asked questions, see Automate user provisioning and de-provisioning to SaaS applications with Azure Active Directory.

This connector is currently in Public Preview. For more information on the general Microsoft Azure terms of use for Preview features, see Supplemental Terms of Use for Microsoft Azure Previews.

For more detailed information on provisioning, please see this guide: https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/looop-provisioning-tutorial


โ€‹
โ€‹

Did this answer your question?