Configuring Azure Active Directory Integration with SCIM

Azure Active Directory (Azure AD) is a universal platform designed to protect and manage access to identities. You can configure Azure AD to provision and synchronize users and groups with Invicti Enterprise.

  • With System for Cross-domain Identity Management (SCIM) 2.0, you can organize users and user groups. This standard lets you provide a defined schema for representing users and groups, so you can securely automate the exchange of user identity data between your cloud application and any service provider.
  • If you want to synchronize roles and permissions in addition to users and/or user groups, you need to configure the mapping between Azure Active Directory users/groups and Invicti Enterprise members/teams.

This topic explains how to add users and/or groups to the Invicti Enterprise application in Azure Active Directory. It also explains how to synchronize users and/or groups in Azure Active Directory with Invicti Enterprise.

The following instructions only let you synchronize users and/or groups in Azure Active Directory with Invicti Enterprise. For auto-provisioning and Single Sign-On, see Configuring Azure Active Directory Integration with SAML.

Prerequisites:

How to Add Users and/or Groups to Invicti Enterprise application in Azure Active Directory
  1. Log in to the Azure Portal.
  2. From the main window, go to Azure Active Directory > Enterprise Applications > Invicti Enterprise.
  3. On the left navigation pane, select Users and Groups.
  4. Select + Add user/group.
  5. From the Add Assignment window, select Users and Groups. From the Users and Groups section, select users/groups to add. Once completed, click Select.
  6. From the Add Assignment window, click Select a role. From the Select Role section, select role(s). Once completed, click Select.
  7. Select Assign.

Azure AD will assign users and/or groups to the application. Once added, you can now synchronize users and groups with Invicti Enterprise.

How to Synchronize Users and/or Groups in Azure Active Directory with Invicti Enterprise
  1. Log in to the Azure Portal.
  2. From the main window, go to Azure Active Directory > Enterprise Applications > Invicti Enterprise.
  3. On the left navigation pane, select Provisioning.
  4. Select Edit Provisioning.
    • From the Provisioning Mode drop-down, select Automatic.
    • In the Admin Credentials section, complete the details:
      • Enter https://www.netsparkercloud.com/scim/v2 in the Tenant URL field. (For further information about the SCIM endpoints, see SCIM API.)
      • Enter your API Token in the Secret Token field. (For further information about API Token, see API Settings.)
      • Select Test Connection to make sure that the connection works.
    • In the Mappings section, configure the mapping between Azure Active Directory users/groups and Invicti Enterprise members/teams.
    • In the Settings section, enter a notification email if necessary and specify the Scope.
      • From the Scope drop-down, select the Sync only assigned users and groups option if you want to synchronize all users and groups added to Invicti Enterprise in Azure AD.
    • In the Provisioning Status, select On.
    • Select Save.
  5. On the Provisioning window, select Start Provisioning to synchronize users with Invicti Enterprise.

The provisioning will take some time based on the number of users you added to the Invicti Enterprise application.

Once this initial synchronization is completed, the provisioning service goes into incremental synchronization mode and applies the changes it detects in Azure Active Directory to Invicti Enterprise. This includes any changes, such as changes to names and roles.
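The Test Connection step above can be reproduced outside the portal before the token is saved in Azure AD. The following is an added example, not code from Invicti or Microsoft: it sends the same kind of request Azure AD uses for the test (a filtered /Users query for a user that cannot exist, with the Secret Token as a bearer token) and interprets the answer. It assumes the endpoint returns a standard SCIM 2.0 ListResponse; the environment variable name INVICTI_SCIM_TOKEN is hypothetical.

```python
import json
import os
import urllib.error
import urllib.parse
import urllib.request
import uuid

TENANT_URL = "https://www.netsparkercloud.com/scim/v2"  # Tenant URL from the steps above
LIST_SCHEMA = "urn:ietf:params:scim:api:messages:2.0:ListResponse"


def build_probe(tenant_url, token):
    """Build a GET /Users query for a userName that cannot exist."""
    if not tenant_url.lower().startswith("https://"):
        raise ValueError("Tenant URL must use https so the token is not sent in clear text")
    probe = urllib.parse.quote(f'userName eq "{uuid.uuid4()}"')
    req = urllib.request.Request(f"{tenant_url.rstrip('/')}/Users?filter={probe}")
    req.add_header("Authorization", f"Bearer {token}")
    req.add_header("Accept", "application/scim+json")
    return req


def classify(status, body):
    """Map an HTTP status and response body to a short verdict."""
    if status in (401, 403):
        return "token rejected"
    if status != 200:
        return f"unexpected status {status}"
    try:
        doc = json.loads(body)
    except ValueError:
        return "not a SCIM endpoint"
    if not isinstance(doc, dict) or LIST_SCHEMA not in doc.get("schemas", []):
        return "not a SCIM endpoint"
    return "ok" if doc.get("totalResults", 0) == 0 else "probe matched a user"


def check(tenant_url=TENANT_URL):
    token = os.environ["INVICTI_SCIM_TOKEN"]  # assumed name; keeps the token out of the script
    try:
        with urllib.request.urlopen(build_probe(tenant_url, token), timeout=15) as resp:
            return classify(resp.status, resp.read())
    except urllib.error.HTTPError as err:
        return classify(err.code, err.read())


if __name__ == "__main__":
    print(check())
```

A "token rejected" result means the API Token should be regenerated or re-copied before provisioning is switched on.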
