Sync Employees and Data from Azure AD

Note: If you're just getting started with your datasource sync, you should use our newer Microsoft integration instead.

Enabling user provisioning from Azure AD will allow you to add users from Azure to Pingboard and pull in their data from Azure. Employee data is synced one-way from Azure AD to Pingboard.

Note: Before you set up data syncing from Azure AD, you'll need to add Pingboard to Azure AD and configure Single Sign-On for Azure. Follow this guide to get started. We also highly recommend downloading an Everything Report from your account to give yourself a backup to revert to in case of errors in your sync setup.

From the Microsoft Azure integration page in Pingboard:

Azure Provisioning Instructions

  1. Select Enable user provisioning from Azure.
  2. Do not turn on the invite option for now – you can turn this on once the integration is set up and you're ready to launch Pingboard to your organization.
  3. Copy the OAuth Bearer Token generated for your Pingboard account.

 

Once you've copied your ID code, go back to your Azure AD Management Portal:

Azure Portal Pingboard Provisioning Instructions

  1. Navigate to the Pingboard Enterprise Application in your AD portal (Active Directory > Enterprise Applications > Pingboard).
  2. Select Provisioning and use the Get Started button.
  3. For Provisioning Mode, select "Automatic".
  4. Under Tenant URL, enter: https://your_domain.pingboard.com/scim/v2
  5. Under Secret Token, paste the OAuth Bearer Token generated for you in Pingboard previously.
  6. Click Test Connection to ensure that the Tenant URL and Secret Token are correct.
  7. Once the test is successful, click Save.
  8. Check and configure your Attribute Mapping section by selecting Mapping and Provision Azure Active Directory Users.
  9. Under Settings, keep Provisioning Status set to Off.

 

Now it's time to add your first user to make sure that everything is working correctly:

Selecting users to provision to Pingboard from Azure AD

  1. Navigate to the Pingboard Enterprise Application in your AD portal (Active Directory > Enterprise Applications > Pingboard).
  2. Select Users and Groups from the menu on the left.
  3. Use the Add User button.
  4. Select Users & Groups from the menu on the left, then choose any user that you want to use to test your setup (First and Last Names are required for a user to be synced, so make sure the user you select has both).
  5. Hit Select at the bottom of the screen, then Assign.
  6. Select Provisioning from the navigation menu to go back to your provisioning menu, then choose Update Credentials.
  7. Under Scope, choose Sync only assigned users and groups (that option should be selected by default).
  8. Set Provisioning Status to On.
  9. Save your changes.

As long as everything is set up correctly, you'll see the number of employees that you selected being synced under Synchronization Details on the Provisioning screen.

If your test user was already in your Pingboard account, check to make sure new information is syncing to Pingboard, or try syncing someone who isn't already in your Pingboard account. Keep in mind that this initial sync from Azure AD can take up to an hour (future syncing will not take as long).

After you check to make sure everything is syncing correctly, repeat steps 2-6 above to assign the rest of your users and groups to the Pingboard Enterprise App.

Since most Azure AD instances include accounts for printers, admin resources, and other accounts or employees that don't need synced Profiles in Pingboard, we recommend keeping your Scope set to Sync only assigned users and groups. If you want to sync every single item from your Azure AD instance to Pingboard, change your Scope to Sync all users and groups, save your changes, and Azure will submit sync requests for every account in your instance.

Congratulations, your Azure AD integration is complete!

 

Tip: Once provisioning is set up, employee data in Pingboard will sync one-way from Azure AD to Pingboard, automatically overwriting data in Pingboard with any changes made to data in Azure AD. We recommend turning "Employees can edit" off for any fields that are synced from Azure AD.
Note: Syncing by Group is only available on paid versions of Azure AD. If you're using a free version of Azure AD and don't want to individually select users for syncing, change your Scope to Sync all users and groups.
Warning: First Name and Last Name data is required for Pingboard to sync a Profile from Azure AD. Errors will occur if your Azure AD account attempts to sync profiles without First and Last names.

Still need help? Let us know.