Configuring Azure Active Directory Integration with SCIM

Azure Active Directory (Azure AD) is a universal platform designed to protect and manage access to identities. So, you can configure Azure AD to provision and synchronize users and groups with Invicti Enterprise.

• With System for Cross-domain Identity Management (SCIM) 2.0, you can organize users and user groups. This standard lets you provide a defined schema for representing users and groups. So, you can securely automate the exchange of user identity data between your cloud application and any service provider.
• So, if you want to synchronize roles and permissions in addition to users and/or user groups, you need to configure the mapping between Azure Active Directory users/groups and Invicti Enterprise members/teams.

This topic explains how to synchronize users and/or groups in Azure Active Directory with Invicti Enterprise.

The following instructions only let you synchronize users and/or groups in Azure Active Directory with Invicti Enterprise. For auto-provisioning and Single Sign-On, see Configuring Azure Active Directory Integration with SAML.

There are two steps to configure:

1. Adding Netsparker Enterprise to Azure Active Directory
2. Synchronizing users and groups in Azure Active Directory with Netsparker Enterprise

Step 1. How to add Netsparker Enterprise to Azure Active Directory

1. Log in to the Azure Portal.
2. From the Azure Services section, select Enterprise Applications.
3. On the Enterprise applications page, select + New Application.

4. On the Browse Azure AD Gallery (Preview) page, type Netsparker Enterprise into the search box.
5. Select Netsparker Enterprise from the results panel.

6. Select Create to add the application.

Wait for a while so that the app is added to your tenant.

Step 2. How to synchronize users and/or groups in Azure Active Directory with Netsparker Enterprise

1. Log in to the Azure Portal.
2. From the main page, go to Azure Active Directory > Enterprise Applications > Netsparker Enterprise.
3. On the left navigation pane, select Provisioning.
4. Select Edit Provisioning.
   1. From the Provisioning Mode drop-down, select Automatic.
   2. In the Admin Credentials section, complete the details:
      1. Enter https://www.netsparkercloud.com/scim/v2 to the Tenant URL field. (For further information about the SCIM endpoints, see SCIM API)
      2. Enter your API Token into the Secret Token field. (For further information about API Token, see API Settings.)
      3. Select Test Connection to make sure that the connection works.
   3. In the Mappings section, configure the mapping between Azure Active Directory users/groups and Netsparker Enterprise members/teams.
   4. In the Settings section, enter a notification email if necessary and specify the Scope.
      • From the Scope drop-down, select the Sync only assigned users and groups option if you want to synchronize all users and groups added to Netsparker Enterprise in Azure AD.
   5. In the Provisioning Status, select On.
   6. Select Save.

5. In the Settings section, enter a notification email if necessary and specify the Scope.
   • From the Scope drop-down, select the Sync only assigned users and groups option if you want to synchronize all users and groups added to Netsparker Enterprise in Azure AD.
6. On the Provisioning window, select Start Provisioning to synchronize users with Netsparker Enterprise.

The provisioning takes some time based on the number of users you added to the Netsparker Enterprise application.

Once this initial synchronization is completed, the provisioning service goes into incremental synchronization mode. It makes changes to Netsparker Enterprise based on the changes detected in Azure Active Directory. This includes any changes, such as name and roles.

To view the Microsoft documentation, see Tutorial: Configure Netsparker Enterprise for automatic user provisioning