Configure user provisioning from Azure AD

Enabling user provisioning from Azure AD will allow you to add users from Azure to Pingboard and pull in their data from Azure. Employee data is synced one-way from Azure AD to Pingboard.

From the Microsoft Azure integration page in Pingboard:

Azure_Enable_provisioning_pingboard.png

  1. Select "Enable user provisioning from Azure"
  2. Do not turn on the invite option for now – you can turn this on once the integration is set up and you're ready to launch Pingboard to your organization
  3. Copy the OAuth Bearer Token generated for your Pingboard account

 

Once you've copied your ID code, go back to your Azure AD Management Portal:

Azure_enable_provisioning.png

  1. Navigate to the Pingboard Enterprise Application in your AD portal (Active Directory > Enterprise Applications > Pingboard)
  2. Select Provisioning
  3. For Provisioning Mode, select "Automatic"
  4. Under Tenant URL, enter: https://your_domain.pingboard.com/scim/v2
  5. Under Secret Token, paste the OAuth Bearer Token generated for you in Pingboard previously
  6. Click Test Connection to ensure that the Tenant URL and Secret Token are correct
  7. Once the test is successful, click Save
  8. Check your Attribute Mapping section by clicking Synchronize Azure Active Directory Users to Pingboard – delete any mapped fields that you don't store data for in Azure AD, then exit the Attribute Mapping section
  9. Under Settings, keep Provisioning Status set to Off

 

Now it's time to add your first user to make sure that everything is working correctly:

azure_provision_user.gif

  1. Navigate to the Pingboard Enterprise Application in your AD portal (Active Directory > Enterprise Applications > Pingboard)
  2. Select Users and Groups from the menu on the left
  3. Click Add User
  4. Select Users & Groups from the menu on the left, then click on a user that you want to use to test your setup
  5. Click Select at the bottom of the screen
  6. Click Assign
  7. Click Provisioning from the navigation menu to go back to your provisioning page
  8. Under Scope, choose Sync only assigned users and groups (that option should be selected by default)
  9. Set Provisioning Status to On
  10. Click Save

As long as everything is set up correctly, you'll see the number of employees that you selected being synced under Synchronization Details on the Provisioning screen.

If your test user was already in your Pingboard account, check to make sure new information is syncing to Pingboard, or try syncing someone who isn't already in your Pingboard account. Keep in mind that this initial sync from Azure AD can take up to an hour (future syncing will not take as long).

After you check to make sure everything is syncing correctly, repeat steps 2-6 above to assign the rest of your users and groups to the Pingboard Enterprise App.

Since most Azure AD instances include accounts for printers, admin resources, and other resources don't need synced Profiles in Pingboard, we recommend keeping your Scope set to Sync only assigned users and groups. If you want to sync every single item from your Azure AD instance to Pingboard, change your Scope to Sync all users and groups, save your changes, and Azure will submit sync requests for every account in your instance.

Congratulations, your Azure AD integration is complete!

 

Tip Once provisioning is set up, employee data in Pingboard will sync one-way from Azure AD to Pingboard, automatically overwriting data in Pingboard with any changes made to data in Azure AD. We recommend turning "Employees can edit" off for any fields that are synced from Azure AD.
Note Syncing by Group is only available on paid versions of Azure AD. If you're using a free version of Azure AD and don't want to individually select users for syncing, change your Scope to Sync all users and groups.

Still need help? Let us know.

Was this article helpful?

0 out of 0 found this helpful