Skip to main content

Hi All,

We have an requirement of syncing all the users in Azure AD to newly installed IFS Cloud environment. Any idea on how can we do it in quicker way? 

@Chathuranga7770 : You can do it using SCIM Process

https://docs.ifs.com/techdocs/22r2/030_administration/010_security/025_scim/

Example on how to do it with Azure AD :

https://docs.ifs.com/techdocs/22r2/030_administration/010_security/025_scim/010_scim_configuration_example/


..but see https://ifs.ideas.aha.io/ideas/PID-I-182 for limitations..

The video 

 could be helpful as well. The Azure side is not covered in great detail in docs.


Hi All,

Thank you for the information, but we have configured the Azure AD successfully  and we have several users which we have created manually in IFS application side and synced and working perfectly.

Our requirement is get other users from Azure AD side to IFS application without creating users one by one.

Hope this more clear now.


@Chathuranga7770  : You dont have create users manually in IFS application. SCIM process will help you to provision (create) the new user in IFS application. It also helps you to update/deactivate/reactivate users from SCIM process

 

 


Sorry, that is the SSO video.

SCIM should handle user creation for you, no manual creation of the users needed on the IFS side. Do you have the users provisioned to the application on the Azure side?


@Chathuranga7770  SCIM didn’t work for us in CR 22R1 due to field length limitations. So I recommend to do a thorough tech check on all fields you plan to use and see if the IFS SCIM setup indeed covers your requirements. 


We have 23R1 hope SCIM will work 


@Anil Dubey Thank you for the infraction. Did you tried it in Build place environment for the testing ?


@Chathuranga7770 : I have done it in Use place only for several customers. You can configure SCIM at build place too but just beware that when the build place environment expires you might lose your setup. Whereas, in use place the setup is maintained permanently even if you clone any of these use place environment with eachother. Also, SCIM is a setup which can be done on screen directly and hence its not necessary to do it in Build Place  because even if the setup is not good, you can delete it and recreate it. I believe that Use place is more relevant for this setup since you will sync business users as part of this process and they will mostly use Use place environments. In any case, you can do it in build place too :) 


@Anil Dubey  Thank you and could you please let me know whare to find the Tenant URL ?

 

 


Hi @Chathuranga7770,

 

Sorry for delay in my response. I was on vacation

The Tenant URL is combination of your use place environment link + main endpoint of IFS Scim

Here is an example :

Use Place Environment  - CFG URL : https://xxx-cfg.ifs.cloud/

Endpoint of IFS SCIM : ifsapplications/SCIM/v2

Tenant URL : https://xxx-cfg.ifs.cloud/ifsapplications/SCIM/v2

 

Cdt,

Anil


Reply