Learn how you can use Azure AD to manage an active directory of your clients’ users and keep your contact list clean and up to date.
It takes a lot of time and effort to keep the contact info of your client database up to date, even more so when you have to do it across tools.
That’s why we integrated with Azure AD, to give you an easier way to manage the access and identity of your clients’ workforce, and keep their information readily updated in SuperOps.ai.
What is Azure AD?
Azure Active directory (AD) is an industry-leading identity and access management (IAM) that helps organizations manage their employees’ access to resources and other applications.
With Azure AD, you can ensure that your client and technician info in SuperOps.ai is never outdated by syncing your databases between Azure AD and SuperOps.ai.
How to set it up
📝 Note:
The integration between Azure and SuperOps.ai is a one-way sync. User information will be imported whenever data is updated into the corresponding mapped client in SuperOps.ai.
Please ensure that you have an active, paid Azure subscription
1. Click the settings icon on the pane to the left. Scroll to the bottom of the settings page and select marketplace.
2. In the marketplace page, you can find Azure listed under the active directory section. Click generate tokens to get started.
3. In the Azure configuration page, you’ll find a list of instructions to connect your SuperOps.ai account with Azure. In this page, you can generate a unique URL and an authentication token for each client. You can use this URL and token in Azure to map clients between Azure and SuperOps.ai. Your MSP’s URL and token will be automatically generated. You can use this MSP URL to import information about your technicians from Azure AD.
4. Below your MSP’s token and URL, you’ll find the list of clients available in SuperOps.ai. You can select the clients you want to map using the checkbox, and click the generate URL and token button. You can use the client URL to import information about your client’s users aka requesters from Azure AD into SuperOps.ai.
5. Once you’ve clicked the button, the URL and token will be generated for the selected clients. You can view the list of clients with existing URLs and tokens using the clients with tokens filter.
6. Next, log in to Azure, select Azure AD, and create a new enterprise application for the client.
7. Give the new enterprise application a name and choose the option to integrate with a non-gallery app. Click Create to add the application.
8. Now that the application is created, you need to import users. Go to "Users and Groups" in the pane on the left and click "+Add user or group." Under "Users," click “none selected” to search for and choose the users you want to import into Superops.ai, and then click "Select" to complete the process.
9. Once you are done, click Assign at the bottom of the page.
10. Now that the users are successfully assigned to the enterprise application, open “provisioning” in the left panel. Click "get started" to start the process.
8. Select the provisioning mode as automatic, fill in the tenant URL and the authentication token for the client from SuperOps.ai under admin credentials, and click save.
9. Next, configure the attribute mapping between Azure and SuperOps.ai. This mapping ensures that the data from Azure lands in the right requester and technician fields in SuperOps.ai. We handle this by using the SCIM framework to map attributes between both platforms. Click Provision Azure AD users under the mappings section to get started.
📝 Note:
We currently support the import of only Azure AD users into SuperOps.ai. Please ensure that the provisioning for Azure AD groups is set to No.
10. Make sure that the target object actions (create, update, and delete) are all selected, and scroll down to the attribute mapping table.
11. In the attribute mapping table, configure the mapping through the SCIM attributes to point the fields in Azure to the right fields in SuperOps.ai.
Here are a list of attributes supported in SuperOps.ai and their corresponding source attributes (SCIM attributes) and target attributes (potential Azure AD attributes):
Supported attributes in SuperOps.ai | Source attribute (Potential Azure AD attribute) | Target attribute (SCIM attribute) |
userPrincipalName | userName | |
First name | givenName | name.givenname |
First name | displayName | displayName |
Last name | surname | name.familyName |
Phone number | telephone-Number | phoneNumbers[type eq "work"].value |
Reporting manager | manager | urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:manager |
Designation | jobTitle | title |
Business function | department | urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.department |
(if a record does not have a first name (givenName) or a last name (surname), SuperOps.ai will consider the displayName attribute as the first name. So you can map the displayName attribute along with the givenName and surname attributes.)
After mapping the source attributes to their corresponding target attributes, click save to complete the configuration process. Once you’re done, the mapping should look something like this:
📝 Note:
The designation, and business function fields are only available for importing technician information from Azure AD.
Your configuration process is complete and your Azure integration is good to go! Now, your client users and technicians in SuperOps.ai will be synced automatically as and when their information is updated in Azure.
⚠️ Important: When removing users from Azure, their deletion won't be instantly reflected in SuperOps.ai. To effectively delete Azure AD users within SuperOps,
1. Navigate to the Deleted users list
2. Choose the specific users you wish to remove, and then select the "Delete permanently" option.
Alternatively, if no action is taken, the system will automatically remove the users after a 30-day period.
Can't find the integration you're looking for in SuperOps.ai? Let us know! We'd love to co-build the product with you and make it a part of our product roadmap.