Configuring a SCIM compliant app SCIM to manage my users in Microsoft O365 / Entra / Azure
| These steps must be performed in addition to configuring the SAML2 SSO application for authentication of users. You will need to be logged in to the Entra Admin console as the administrator. You will also need to be logged in to the Security Awareness and Training Service Admin console as the tenant administrator. |
1.) Log in to the Microsoft Entra Admin Console
2) Select the Enterprise Applications icon. If you cannot see an Enterprise Applications icon, try searching for "Enterprise Applications".
The Enterprise Applications page is displayed.
3) Click on the + New application tab:
4) Select the + Create your own application button:
5) Enter Fortinet Security Awareness and Training Service V3 in the What's the name of your app? field. Ensure that the Integrate any other application y ou don't find in the gallyer (Non-galler) option button and select the Create button:
The overview page is displayed.
6) Click on Assign users and groups in section 1. Assign users and groups:
The Users and groups page is displayed:
7) Click on + Add user/group
Select the groups that contain users that you want to be provisioned into the service. This will likely match the organizational units or groups you assigned when you configured the Single Sign On SAML app you created for authentication. Then click the Assign button.
| If your plan level does not allow you to select users and groups, you will need to select all users that you wish to be synchronized. his will likely match the organizational units or groups you assigned when you configured the Single Sign On SAML app you created for authentication. |
8) Select Provisioning from the left hand navigation menu:
9) Select Overview from the left-hand navigation menu, then select the Get Started button:
The provisioning page is displayed.
10) Select Automatic from the provisioning mode drop down box:
11) Expand the Admin Credentials section:
10) Log in to the Security Awareness and Training Service as the tenant administrator.
11) In the Security Awareness and Training Service Administration interface, select Users from the navigation menu, then select the Manage domains and users button in the upper right-hand corner:
The Manage domains and users page is displayed:
12) Select the SCIM provisioning tab:
The SCIM provisioning page is displayed:
13) Click the copy button to copy the SCIM URL:
14) Paste the SCIM URL into the Tenant URL field in Microsoft Entra:
15) From the Security Awareness and Training Service admin console, Select My profile from the user menu in the lower left corner of the service interface:
The My profile page is displayed:
13) In the Create API Token section, give the token a meaningful name (e.g. Security Awareness SCIM Token), ensure that the SCIM permission checkbox is checked, and select the Generate button:
The API Token dialogue is presented.
14) Click the Copy button to copy the token:
15) Paste the token into the Secret token field in the Microsoft Entra admin and then select the Test Connection button to ensure the credentials are accepted. If the test succeeds, select SAVE:
16) Close the Provisioning screen:
You are returned to the Overview page:.
17) Click the Start provisioning button:
Provisioning is now configured.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article