Setup SCIM in Azure AD

This documentation will guide you through setting up provisioning in RandomCoffee with Azure AD. You’ll have to create and configure a new Enterprise application based on the SCIM protocol.

To do so, you’ll need to log in to your Azure Portal and navigate to the Azure Active Directory configuration page. During this setup, you also need to log in to your company RandomCoffee subscription to execute specific actions in the Admin Center.

Configuring a new application in Azure Active Directory

  1. Create a new Enterprise application

  2. Click on Enterprise Applications and create a New application.

  3. Enter a name for your application (e.g. RandomCoffee SCIM Provisioning) and select Integrate any other application you don’t find in the gallery (Non-gallery). Click Create.

  4. Select Provisioning in the created app, then click Get Started.

  5. For the next step, you should provide the Tenant URL and Token provided by RandomCoffee.

  6. Copy the Base URL and API token from the Admin Center and paste them into the Azure AD provisioning credentials fields. Click Enable in the RandomCoffee Admin Center. Then click Test Connection.

  7. Refresh the page in your browser. Provisioning settings will not work properly on the website until refreshed.

  8. Update user attribute mapping

  9. User attribute mapping must be updated so only the relevant information is sent to RandomCoffee. Click Provision Azure Active Directory Users under Mapping.

  10. Update the attribute mappings to contain at least the ones on the screenshot below, then click Save.

For now, the only custom fields we are supporting are the fields having this format urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:xxxxx

Like urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:department and are in a string format.

To add custom fields please follow these instructions:

Go to “Provision Active Directory Users”:

Click on “Show advanced options”:

Add your custom field in the format urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:xxxxx here we’re creating urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:customfield

Save it:

Click on “Add New Mapping”

Map your custom field and Save it

Technical considerations when using RandomCoffee's provisioning integration

  • Newly provisioned users will be automatically assigned to the non-admin role. You can grant Admin Role in RandomCoffee Admin Center.

  • In case you change the status of SCIM managed user to Inactive on the RandomCoffee Admin Center UI, it won’t affect their ‘active' attribute in your provisioning application.

  • User information can’t be changed on the Admin Center UI.

Last updated