1
0
mirror of https://github.com/Unleash/unleash.git synced 2024-10-28 19:06:12 +01:00
unleash.unleash/website/docs/how-to/how-to-setup-provisioning-with-entra.md
2024-06-06 09:45:45 +02:00

3.1 KiB

title
How to Setup Entra Provisioning

:::info availability

The Provisioning capability is only available for customers on the Enterprise subscription. Check out the Unleash plans for details.

:::

Unleash Configuration

Step 1: Navigate to Provisioning configuration

First you'll need to log in to Unleash as an admin user. Navigate to the Single Sign-On section and select the "SCIM" tab. The SCIM API URL will be shown in this section, you'll need this to configure Entra later.

Navigate to the SCIM Config

Step 2: Enable Provisioning

Enable SCIM by turning on the toggle and keep the token Unleash provides you for the Entra setup below.

Enable the SCIM toggle

Entra Configuration

Step 1: Navigate to Provisioning in Entra

:::info Note

This guide assumes you already have an SSO application setup for Unleash. If you don't already have an application configured, please see our guide on setting up SSO.

:::

1) Navigate to "Enterprise Applications"

Navigate to Enterprise Applications

2) Navigate to your SSO Application

Select your Application

3) Navigate to provisioning

Navigate to the provisioning overview menu item

Step 2: Connect Unleash to your Entra Application

1) Navigate to the Provisioning overview

2) Set the Tenant URL

This the SCIM API URL provided by the Unleash UI in the configuring Unleash section.**

3) Set the Secret Token

This was provided by the Unleash UI in the configuring Unleash section.

4) Save

Setting up SCIM credentials

Step 3: Configure Provisioning

1) Expand the mappings tab

2) Navigate to "Provision Microsoft Entra ID Users"

Navigate to user provisioning setup

This was provided by the Unleash UI in the configuring Unleash section.

Connect Unleash

3) Remove unneeded properties

You should remove all unnecessary properties. This ensures that Entra will reach a steady state when synchronizing. The properties that you must retain are:

  • userName
  • displayName
  • emails
  • externalId

4) Update the active property

You need to set the active property to the following (lowercase the boolean values):

Switch([IsSoftDeleted], , "false", "true", "true", "false")

**5) Update the email property to **

Update provisioning properties

6) Save

Step 4: Enable Provisioning

1) Enable provisioning

Enable provisioning

2) Enable automatic provisioning

Enable provisioning