SCIM provisioning using Azure AD

Supported Plans

  • Starter
  • Teams
  • Enterprise

 

Account owners or admins can use System for Cross-Domain Identity Management (SCIM) to automatically provision users and groups from Azure Active Directory to applications. Follow Microsoft's guide here. 

 

Robin offers a pre-configured SAML app within the Azure Marketplace. 

Head this way to learn more.

 

In Azure Active Directory

1

Browse to Azure Active Directory > Enterprise Applications, and select New application > All > Non-gallery application.

scim-azuread.png

2

Enter a name for your application, and click Add to create an app object.

3

Select Provisioning (in the left column).

4

In the Provisioning Mode menu, select Automatic.

azure-automatic.png

5

In the Tenant URL field, enter the URL of the application's SCIM endpoint:

https://api.robinpowered.com/v1.0/scim-2
6

The SCIM endpoint requires an OAuth bearer token from an issuer other than Azure Active Directory, copy the required OAuth bearer token into the optional Secret Token field. If this field is left blank, then Azure AD includes an OAuth bearer token issued from Azure with each request. Apps using Azure AD as an identity provider will validate requests against this token.

 

In Robin 

1

Log into your Robin account dashboard: https://dashboard.robinpowered.com/login

2
Navigate to Manage > Integrations > SCIM > Manage

scim-manage.png

3

Generate a new organization token. If you lose this token, you can always make a new one without affecting existing users.

scim-token.png

4

Copy this token into the Secret Token field within Azure.

 

Attribute Mapping

*Note: the preconfigured app does not support the department attribute.

  • User attributes requested by Robin:

Screen_Shot_2021-08-31_at_3.12.32_PM.png

  • Group attributes requested by Robin:

image-20190716-230340.png

Did this article help?