My Profile
Sign Out
Tickets
Knowledge Base
Login
Articles in this section
Category / Section
  2. Integrations
  3. Microsoft Entra ID Integration

Setup user provisioning with Microsoft Entra ID

Published:

After completing this setup, proceed with the following steps to configure user provisioning with Microsoft Entra ID.

Add BoldDesk from the Microsoft Entra application gallery

  1. Log into the Microsoft Entra Admin Portal.

  2. Go to Identity > Applications > Enterprise applications > New application.

    azure-ad-create-app-1.png

  3. Click the “Create Your Own Application” button.

  4. Enter a name for the application.

  5. Select the option Integrate any other application you don’t find in the gallery (Non-gallery).

  6. Click the Create button. Once the application is created, you will be redirected to the application’s home page.

    azure-ad-create-app-2.png

Connect with BoldDesk account

  1. In application page, select Provisioning in the left sidebar menu.

    azure-ad-provisioning-1.png

  2. Choose the Automatic option from the Provisioning Mode menu.

  3. Under the Admin Credentials section, enter your Tenant URL and Secret Token(Click on this link to create an API token).

Tenant URL: https://{your-domain}.bolddesk.com/api/v1/scim

  1. Click the Test Connection button to confirm Microsoft Entra ID connects with BoldDesk. Click Save when finished.

    azure-ad-provisioning-2.png

Attribute mapping

  1. In application page, select Provisioning in the left sidebar menu and then click on Edit attribute mappings.

  2. Choose the option to Provision Azure Active Directory Groups and then turn off this feature.

  3. Choose the Provision Azure Active Directory Users and then turn on this feature.

    azure-ad-mapping-1.png

  4. Choose the Target Object Action (Create, Update, and Delete).

    azure-ad-mapping-3.png

  5. In Attribute mappings section, add the user attributes and delete all default attributes not included in the following list.

Azure Active Directory Attribute Customappsso attribute Matching precedence Apply this mapping Mapping type Notes
userPrincipalName userName 1 Always Direct Mandatory
Switch([IsSoftDeleted], , "False", "True", "True", "False") active - Always Expression Mandatory
displayName displayName - Always Direct Mandatory
jobTitle title - Always Direct -
mail emails[type eq "work"].value - Always Direct -
Switch(Join(" ", [givenName], [surname]), Join(" ", [givenName], [surname]), "", [mailNickname]) name.formatted - Always Expression Mandatory
telephoneNumber phoneNumbers[type eq "work"].value - Always Direct -
mobile phoneNumbers[type eq "mobile"].value - Always Direct -
objectId externalId - Always Direct Mandatory
SingleAppRoleAssignment([appRoleAssignments]) roles[primary eq "True"].value - Always Expression Mandatory
physicalDeliveryOfficeName addresses[type eq “work”].formatted - Always Direct or Expression We can also bind expression like this Join(",", [streetAddress], [city], [state], [postalCode], [country])

  1. The attributes selected as matching properties are used to match the user accounts in BoldDesk for update operations. To save any changes, select Save.

    1.png

Provisioning setting

  1. Check the box labeled Send an email notification when a failure occurs and enter the email address to receive the provisioning error notifications.
  2. In the settings section, choose Scope to specify which users should be provisioned for BoldDesk.

Sync all users and groups: This option will synchronize all users from Microsoft Entra ID to BoldDesk.

Sync only assigned users and groups: This option will synchronize only the users assigned to the enterprise application.

azure-ad-setting-1.png

Start provisioning

  1. In application page, select Provisioning in the left sidebar menu.

  2. Click Start provisioning.

    azure-ad-start-provisioning.png

Was this article useful?
Like
Dislike
Help us improve this page
Please provide feedback or comments
Comments (0)
Please  to leave a comment
Access denied
Access denied