Skip to main content Skip to complementary content

Setting up SCIM provisioning on Azure AD

Before you begin

You have configured your application in the Azure portal.

Procedure

  1. Go to https://login.microsoftonline.com to find the application created in Azure Active Directory and click it to open its page.
  2. In the Manage section, click Provisioning to open its view.
  3. Ensure that the Provisioning Mode is Automatic and expand Admin Credentials.

    Example

    In the Provisioning settings, the Provisioning Mode is in Automatic and the Tenant URL and Secret Token settings display in the Admin Credentials list.
  4. In the Tenant URL field, enter the address of the SCIM specific API provided by Talend Cloud:

    Example

    https://api.<env>.cloud.talend.com/scim/v2
    Replace <env> with the name of your Cloud region. For further information, see Talend Cloud regions and URLs.

    For further information about the Talend SCIM API, see https://api.talend.com/apis/scim-v2/2021-03/.

  5. In the Secret Token field, enter your personal access token to Talend Cloud.
  6. Click Test Connection. A message should appear to indicate that your connection to the SCIM API of Talend Cloud is successful.
  7. Expand the Mappings section, click Provision Azure Active Directory Users to open its Attribute Mappings page and change the Azure Active Directory Attribute for the userName attribute to mailNickname, because the mail nickname is the format required by the userName attribute of Talend Cloud.
    To successfully map an attribute, ensure that this attribute has been defined for the user profiles in Azure AD and contains actual values.

    Example

    Attribute Mapping settings.

Results

Users and groups to be created in your Azure system are synchronized to Talend Management Console.

What to do next

If you have enabled SSO for Talend Management Console in your third-party system, the Azure system in this example, it is recommended to map roles between your third-party system and Talend Management Console to automate the role assignment for the synchronized users and groups.

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – please let us know!

Leave your feedback here