Versions Compared

Old Version 3

changes.mady.by.user Phillip Hanegan

Saved on

compared with

New Version Current

changes.mady.by.user Phillip Hanegan

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The EmpowerID Azure AD SCIM Connector offers several data management capabilities, allowing organizations to efficiently manage their Azure AD resources within EmpowerID.

Account Management

  • Inventory User Accounts: Collect and manage user account data from Azure AD.

  • Create, Update, and Delete User Accounts: Perform CRUD operations on user accounts directly from EmpowerID.

  • Enable and Disable User Accounts: Manage the active status of user accounts.

  • Reset User Account Passwords: Initiate password resets for user accounts.

Group Management

  • Inventory Groups and Group Memberships: Collect and manage group data, including membership details.

  • Create and Delete Groups: Perform CRUD operations on groups within Azure AD.

  • Add and Remove Group Memberships: Manage user memberships within groups.

  • Add or Remove Group Members: Directly manage individual users within group memberships.

Role Management

  • Inventory Azure Roles and Role Memberships: Collect and manage role data and role memberships from Azure AD.

  • Create Azure RBAC and Custom Directory Roles: Define and manage RBAC roles and custom directory roles.

  • Assign Users to Azure Roles: Assign or modify user roles directly within EmpowerID.

License Management

  • Inventory License Bundles, License Pools, and Tenant Subscriptions: Collect and manage licensing data from Azure AD.

  • Add or Remove License Assignments for Users: Manage individual user license assignments.

  • Add or Remove License Assignments for Groups: Manage group-based license assignments.

Application Management

  • Inventory Azure Applications, Credentials, App Roles, Scopes, App Role Assignments, and Scope Assignments: Collect and manage application-related data.

  • Create Azure OIDC, SAML (Non-Gallery), and SAML (Gallery) Applications: Define and manage different applications within Azure AD.

  • Edit and Delete Azure Applications: Perform CRUD operations on Azure AD applications.

  • Create and Delete Client Secrets and Certificates: Manage application secrets and certificates.

  • Create and Delete Scopes and App Roles: Define and manage application scopes and roles.

  • Update API Permissions and Token Configurations: Modify permissions and token settings for Azure AD applications.

...

The EmpowerID Azure AD SCIM Connector integrates with EmpowerID’s lifecycle management processes, allowing for seamless user, group, and role lifecycle management based on Azure AD data. The following processes are supported:

  • Provisioning:

...

  • Automatically create new users, groups, and roles in EmpowerID based on Azure AD data

...

  • , ensuring these entities are assigned the correct attributes and access rights defined in Azure AD.

  • Updating:

...

  • Synchronize changes made to existing users, groups, and roles in Azure AD with EmpowerID

...

  • , reflecting modifications such as role changes, group reassignments, or updates to user attributes across both systems.

  • Deprovisioning:

...

  • When users, groups, or roles are removed from Azure AD, they can be automatically deprovisioned in EmpowerID.

...

  • This process ensures that deactivated entities are appropriately handled, including removing access rights and deleting them as required.

Attribute Mapping

To ensure seamless integration, the EmpowerID Azure AD SCIM Connector maps attributes from Azure AD to the appropriate fields within EmpowerID. This mapping process ensures that all relevant data is captured and aligns with the data models used by EmpowerID. Below is an example of how key attributes are mapped:

...