Directory Sync

Max-Antoine
Max-Antoine
  • Updated

Directory Sync for Your Organization

Directory Sync will allow your organization to provision and de-provision accounts with your directory provider using SCIM 2.0.

 

Note: Only administrators with 'Owner' privileges have access to directory sync settings for your organization. Refer to how to set owner status for more information.

 

Configuring Directory Sync

Retrieve SCIM API Endpoint

  1. Navigate to 'Security' tab under your organization settings on Wave.

    Navigate to Security Tab
  2. Select 'Configure' under 'Directory Sync.'

    Select Configure

  3. Copy the SCIM endpoint by clicking on the clipboard icon.
    Copy SCIM Endpoint

Generate Access Token

  1. Navigate to 'Security' tab under your organization settings on Wave and select 'Add token' under 'Tokens.'

    Add Token

  2. Assign a name to your token, select 'Manage SCIM' for 'Scopes,' and press 'Create' to generate a new token.

    Generate Access Token

  3. Copy this token by clicking on the clipboard icon.

    Copy Access Token

Set Up Provisioning for Your Organization

Microsoft Azure Logo Microsoft Azure

  1. Navigate to 'Enterprise applications' under your organization's overview page.

  2. Select your desired Azure application or create a new one (learn more about creating a new application on Azure).

  3. Select 'Provision User Accounts' or navigate to 'Provisioning' tab in the side bar menu.

    Navigate to Provisioning
  4. In the new page, click on 'Get started' to set up provisioning.Press Get Started Button

  5. Map 'Provisioning Mode' to 'Automatic.'

    Set Provisioning to Automatic
  6. Navigate to 'Admin Credentials.'

    Navigate to Admin Credentials
  7. Paste the SCIM URL endpoint under 'Tenant URL' field on 'Admin Credentials' under your application's provisioning page. Refer to our guide on retrieving your organization's SCIM endpoint URL for more information.

    Paste Your SCIM Endpoint
  8. Paste your security token under 'Secret Token' field on 'Admin Credentials' under your application's provisioning page. Refer to our guide on generating access token for your organization's API for more information.

    Paste Access Token
  9. Click on 'Test Connection' to test your SCIM connection. You should receive a confirmation message from Azure. Once your connection is validated, click on 'Save.'

    Test Your SCIM Connection
  10. Return to the provisioning menu and select 'Start provisioning.'

    Start Provisioning

JumpCloud Logo JumpCloud

  1. Navigate to 'SSO Applications' under your organization's overview page.

  2. Create a new application using 'Add New Application' or select one already in your organization.

    Add New Application
  3. Select 'Custom Application' then press 'Next.'

    Select Custom Application
  4. In the new page, check 'Import users from this app (Identity Management)' & 'Export users to this app (Identity Management)' for provisioning then press 'Next.'

    Import & Export Users
  5. Assign a label to your application then click on 'Save Application.'

    Save Application
  6. Navigate to 'Identity Management' under your newly created application.

    Navigate to Identity Management
  7. Paste the SCIM URL endpoint under 'Base URL' field. Refer to our guide on retrieving your organization's SCIM endpoint URL for more information.

    Paste SCIM URL
  8. Paste your security token under 'Token Key' field. Refer to our guide on generating access token for your organization's API for more information.

    Paste Security Token
  9. Enter a test email address in the field provided and use 'Test Connection' to validate your SCIM connection. After receiving a confirmation message from JumpCloud, click on 'Activate.'

    Test SCIM Connection
  10. Under 'Attribute Mapping,' map 'PhoneNumbers.Value' to 'Work Phone,' 'Emails.Value' to 'Company Email,' and 'EnterpriseExtension.Organization' to 'Company' then click on 'Save.'

    Attribute Mapping

 

Assigning Members to a Team

Microsoft Azure Logo Microsoft Azure

  1. Navigate to 'Users and groups' under the side bar menu of your application overview page on Microsoft Azure.

    Navigate to Users and Groups Tab
  2. Click on 'Add user/group.'

    Add Users and Groups
  3. Choose 'None Selected.'

    Click on None Selected
  4. Select the users or groups you wish to add to your application then in the following page press 'Assign.'

    Select Users You Wish to Add to Your Application
  5. Users assigned to your application will automatically sync to your team on Wave.

     

    Note: Users assigned to an Azure application will require a valid email address for provisioning to work properly.

JumpCloud Logo JumpCloud

  1. Navigate to 'User Groups' in the side bar menu, then select the group you wish to set-up provisioning for.

    Navigate to User Groups
  2. Under 'Applications' tab for the group, assign an application from your organization and 'Save.'

    Application Assignment
     

    Note: It is critical that the application you choose has 'Identity Management' enabled. Refer to set up provisioning for your organization for more information.

  3. Navigate to 'Users' tab, select the users you wish to add to your group, and then press 'Save.'

    Add Users to Group
  4. Users assigned to your group will automatically sync to your team on Wave.

De-provisioning Member

Microsoft Azure Logo Microsoft Azure

  1. Navigate to 'Users and groups' under the side bar menu of your application overview page on Microsoft Azure.

    Navigate to Users and Groups Tab
  2. Select the users or groups you wish to remove from your team.

    Select Users to Remove from Your Team
  3. Click on 'Remove.'

    Click on Remove Button
  4. Click on 'Yes' to confirm your removal request.

    Click on Yes to Confirm Removal
  5. Users removed from your application will be automatically deleted from your team on Wave.

JumpCloud Logo JumpCloud

  1. Navigate to 'User Groups' in the side bar menu, then select the group you wish to modify.

    Navigate to User Groups
  2. Navigate to 'Users' tab, uncheck the users you wish to remove from your group, and then press 'Save.'

    Uncheck Users
  3. Users unassigned from your group will automatically remove to your team on Wave.