Page Comparison

...

Account Management
- Inventory user accounts
- Create, Update and Delete user accounts
- Enable and Disable user accounts
- Reset user account password
Group Management
- Inventory groups
- Inventory group memberships
- Create and Delete delete groups
- Add and Remove members to and from groupsremove group memberships
- Add group member to the group
- Remove group member from the group
Role Management
- Inventory Azure roles
- Inventory Azure role memberships
- Create new Inventory Azure role memberships
- Create Azure RBAC and Custom Directory roles
- Assign users to Azure roles
License Management
- Inventory License bundles, License pools, Tenant subscriptions
- Add and Remove users to and from Azure roles license assignments for users
- Add and Remove license assignments for groups
Application Management
- Inventory Azure Applications, Credentials, App Roles, Scopes, App Role assignments, Scope assignments
- Create Azure OIDC, SAML (non-gallery) and SAML (gallery) applications
- Edit & Delete Azure Application
- Create & Delete Client Secret & Certificate
- Create & Delete Scope & AppRole
- Update API Permissions
- Update Token Configuration
Attribute Flow
Users in Azure Active Directory are inventoried as accounts in EmpowerID. The below table shows the attribute mappings of Active Directory user attributes to EmpowerID Person attributes.

Azure Active Directory Attribute	EmpowerID Person Attribute
profileUrl	AboutMe
Active	Active
MailNickname externalId	EmailAliasBusinessPhones
phoneNumbers[?(@.type=='work')].value	BusinessPhone
Citycity	City
CompanyNamecompanyName	Company
employeeOrgData.costCenter	CostCenter
Country	Country
Department	Department
DisplayName	FriendlyName
Mail	Email
EmployeeId	EmployeeID
FaxNumber	Fax
GivenName	FirstName
JobTitle	Title
Surname	LastName
UserPrincipalName	Login
Manager	ManagerPersonID
MobilePhone	MobilePhone
OfficeLocation	Office
MailboxSettings -> AutomaticRepliesSetting -> ExternalAudience	OofAudience
MailboxSettings-> AutomaticRepliesSetting -> ScheduledEndDateTime	OofEndDate
MailboxSettings-> AutomaticRepliesSetting-> ExternalReplyMessage	OofExternalMsg
MailboxSettings-> AutomaticRepliesSetting-> InternalReplyMessage	OofInternalMsg
MailboxSettings-> AutomaticRepliesSetting-> ScheduledStartDateTime	OofStartDate
MailboxSettings -> AutomaticRepliesSetting -> Status	OofStatus
PreferredDataLocation	preferredDataLocation
PreferredLanguage	PreferredLanguage
state	State
StreetAddress	StreetAddress
UserType	UserType
PostalCodecountry	Country
usageLocation	CustomAttribute10
['urn:ietf:params:scim:schemas:extension:enterprise:2.0:User'].['department']	Department
description	Description
employeeOrgData.division	Division
endDateTime	effectiveEndDate
startDateTime	EffectiveStartDate
emails[?(@.type=='work')].value	Email
['urn:ietf:params:scim:schemas:extension:enterprise:2.0:User'].['employeeNumber']	EmployeeID
employeeType	EmployeeType
['urn:ietf:params:scim:schemas:extension:azureOnPremData:2.0:User'].['onPremisesExtensionAttributes'].['extensionAttribute1']	ExtensionAttribute1
['urn:ietf:params:scim:schemas:extension:azureOnPremData:2.0:User'].['onPremisesExtensionAttributes'].['extensionAttribute2']	ExtensionAttribute2
['urn:ietf:params:scim:schemas:extension:azureOnPremData:2.0:User'].['onPremisesExtensionAttributes'].['extensionAttribute3']	ExtensionAttribute3
['urn:ietf:params:scim:schemas:extension:azureOnPremData:2.0:User'].['onPremisesExtensionAttributes'].['extensionAttribute4']	ExtensionAttribute4
['urn:ietf:params:scim:schemas:extension:azureOnPremData:2.0:User'].['onPremisesExtensionAttributes'].['extensionAttribute5']	ExtensionAttribute5
['urn:ietf:params:scim:schemas:extension:azureOnPremData:2.0:User'].['onPremisesExtensionAttributes'].['extensionAttribute6']	ExtensionAttribute6
['urn:ietf:params:scim:schemas:extension:azureOnPremData:2.0:User'].['onPremisesExtensionAttributes'].['extensionAttribute7']	ExtensionAttribute7
['urn:ietf:params:scim:schemas:extension:azureOnPremData:2.0:User'].['onPremisesExtensionAttributes'].['extensionAttribute8']	ExtensionAttribute8
['urn:ietf:params:scim:schemas:extension:azureOnPremData:2.0:User'].['onPremisesExtensionAttributes'].['extensionAttribute9']	ExtensionAttribute9
['urn:ietf:params:scim:schemas:extension:azureOnPremData:2.0:User'].['onPremisesExtensionAttributes'].['extensionAttribute10']	ExtensionAttribute10
['urn:ietf:params:scim:schemas:extension:azureOnPremData:2.0:User'].['onPremisesExtensionAttributes'].['extensionAttribute11']	ExtensionAttribute11
['urn:ietf:params:scim:schemas:extension:azureOnPremData:2.0:User'].['onPremisesExtensionAttributes'].['extensionAttribute12']	ExtensionAttribute12
['urn:ietf:params:scim:schemas:extension:azureOnPremData:2.0:User'].['onPremisesExtensionAttributes'].['extensionAttribute13']	ExtensionAttribute13
['urn:ietf:params:scim:schemas:extension:azureOnPremData:2.0:User'].['onPremisesExtensionAttributes'].['extensionAttribute14']	ExtensionAttribute14
['urn:ietf:params:scim:schemas:extension:azureOnPremData:2.0:User'].['onPremisesExtensionAttributes'].['extensionAttribute15']	ExtensionAttribute15
phoneNumbers[?(@.type=='fax')].value	Fax
name.givenName	FirstName
displayName	FriendlyName
name.honorificSuffix	GenerationalSuffix
phoneNumbers[?(@.type=='home')].value	HomeTelephone
title	Title
name.familyName	LastName
userName	Login
Manager	ManagerPersonID
name.middleName	MiddleName
phoneNumbers[?(@.type=='mobile')].value	MobilePhone
addresses[?(@.type=='other')].formatted	Office
externalAudience	OofAudience
scheduledEndDateTime	OofEndDate
externalReplyMessage	OofExternalMsg
internalReplyMessage	OofInternalMsg
scheduledStartDateTime	OofStartDate
status	OofStatus
photos[?(@.type=='work')].value	PhotoURL
preferredLanguage	PreferredLanguage
state	State
addresses[?(@.type=='work')].streetAddress	StreetAddress
addresses[?(@.type=='work')].streetAddress	Telephone
addresses[?(@.type=='work')].postalCode	PostalCode

...

Next Steps

Register a service principal for the Azure AD SCIM Microservice

...

Versions Compared

Old Version 5

New Version 6

Key

Next Steps