All Collections
SSO & SCIM User Provisioning
How to set up SCIM User Provisioning for Microsoft Azure AD
How to set up SCIM User Provisioning for Microsoft Azure AD

How to set up SCIM User provisioning for Microsoft AD to automatically provision users to the Tribeloo application

T
Written by Thomas Papen
Updated over a week ago

Features

The following provisioning features are supported by Tribeloo:

  • Create users: New users created through Azure AD will also be created in Tribeloo

  • Update user attributes: Updates made to the user's profile through Azure AD will be pushed to Tribeloo

  • Deactivate/reactivate users: Deactivating the user or disabling the user's access to the application through Azure AD will deactivate the user in Tribeloo. Deactivating a user means removing access to login, but maintaining the user's information as an inactive user.

  • Remove users: Users removed in Azure AD will also be removed in Tribeloo.

Log into your Azure Portal

1. Log in to your Azure portal and go to “Enterprise applications”

Create the Tribeloo SSO / User Provisioning application

If you are setting up the Tribeloo - Azure integration for the first time, you will need to create a new application. Otherwise, skip to step 4

2. Select '+ New application'

3. Search 'Tribeloo', select Tribeloo from the list and click on create

Set up SCIM User Provisioning

4. Search for and open the Tribeloo app. Careful! There can be 2 Tribeloo apps: 1 for providing access to the Outlook calendar of employees for the Outlook add-in and one for the SSO / User Provisioning. Please make sure to select the 2nd one.

5. Select “Provision User Accounts” and confirm to “Get started”

6. Set “Provisioning mode” to “Automatic”

7. Log into the Tribeloo app and navigate to Admin →User management →User provisioning: https://app.tribeloo.com/admin/management/user-provisioning

8. click on “Enable User provisioning” and click “Continue”. The green “Enable User provisioning” button will turn into a red "Disable User Provisioning" button

9. Switch back to the Azure Portal. In “Admin Credentials” copy the “Tenant URL” and “Secret Token” that you will find in the Tribeloo app under “Admin” – “User Management” – “User provision” tab

  • “Tenant URL” needs to be completed with “SCIM Base URL” from Tribeloo app

  • “Secret Token” needs to be completed with “SCIM Bearer Token” from Tribeloo app

  • Click “Test Connection” → you will see a message if the connection was successfully established

  • Click “Save”

10. In “Mappings”, click on “Provision Azure Active Directory Groups”, set “Enabled to “No” and click “Save”

11. In "Mappings", click on "Provision Azure Active Directory Users"

12. Update the “Azure Active Directory Attribute” mapping to the below and click “Save”. The mapping to addresses[type eq "work"].formatted will allow the user to be provisioned directly to a “Home site” in Tribeloo if the value received corresponds to the name of a Tribeloo site. If this mapping is not available or doesn’t match to a Tribeloo site, the user will be created without “Home site” (Site= None). Please contact support if you want to map sites but the Azure site name does not match the Tribeloo site name

13. Under “Settings”, you can provide an email to receive notifications of critical errors

14. Set ‘Provisioning status’ to “On” → Save and Confirm

15. If all went well, you will receive a success message and you are all set!

If you have questions or difficulties with your Tribeloo/Azure AD SCIM integration, please contact Tribeloo support via support@tribeloo.com

Did this answer your question?