Configuring SCIM Integration with Azure Active Directory

To configure SCIM in Azure Active Directory:

1. Open and sign into Microsoft Azure.
2. Click Azure Active Directory and click Add to create active directory users. Once created, edit each user to ensure each contains a valid email.

   Note: Emails cannot be added on creation. You must create the user, then modify it to add an email.

3. Once the users are created, click Enterprise applications and create a new or select an existing application.
4. Configure Single sign-on with Azure Active Directory.
5. In Azure, click Provisioning and click Get Started if available. If not, click Edit provisioning. Ensure that Provisioning Mode is set to Automatic. Expand the Admin Credentials section and update the Tenant URL to the Management Endpoint from the Account Control Services SCIM Provisioning tab. Set the Secret Token to the value of the Bearer Token generated in Account Control Services under the SCIM Provisioning tab.
6. Under Enterprise application, confirm that Azure can communicate with Laserfiche Cloud.
7. Wait a few minutes for the SCIM provisioning to take effect. Or you can click Provision on demand and search for the user in order to expedite the provision.
8. In ACS, view the user list to see the provisioned user.

   Note: If users are not displayed, go back to Azure, click the Provisioning tab, and click View provisioning logs to check for errors.

Once Azure Active Directory is configured, adding, updating, or removing a user in Azure, will automatically add, update, or disable the user in Laserfiche.

Note: Users updated in Laserfiche will not be synced to Azure. This is a one-way communication from Azure to Laserfiche.

For more information on configuring SCIM with Azure Active Directory, see the Microsoft Help Center.