How to configure SCIM 2.0 with Azure

This article will cover setting up SCIM provisioning with Azure. If this is your first encounter with SCIM provisioning check out this article:

Note: The SSO setup needs to be completed prior to this SCIM setup. You can find that article here: Setting up SSO with Microsoft Azure AD

1. Navigate to the app, and select 'Provisioning':

2. Under "Provisioning Mode", select "Automatic". The Tenant URL and secret token can be found on the Rhombus web console SSO/SCIM page here at the bottom. The token will only be available one time. 

3. Under "Mappings", click "Provision Azure Active Directory Users". Open the advanced options menu and click on "Edit attribute for customappsso". 

4. Add a new row to the list called "roles" with type "string" and check the box for "Multi-Value". Then click "Save" at the top. 

5. Go back to the "Provision Azure Active Directory Users" menu and this time, select "Add new mapping". For Type, put "expression" and paste

AppRoleAssignmentscomplex([appRoleAssignments])

into the Expression box. Under Target Attributes, select "roles" and then click OK and Save. 

Back out of this and go back to Provisioning -> Mappings -> Provision Azure Active Directory Groups. Change enabled from Yes to No, and then click Save. 

6. Now with your SCIM configuration in place, your provisioning is good to go!

If you have any further questions please reach out to our Rhombus Support at help@rhombus.com. If you would like to talk to a Rhombus Sales Representative please reach out to sales@rhombus.com.