Our Microsoft Azure Active Directory integration uses a dedicated Azure Active Directory based connector for accessing and maintaining Azure groups and users.
We use SCIM protocols to connect to your Azure tenant using REST APIs.
Account in Azure
IDHub pulls all azure user account information from your Azure tenant.
User Account attribute we fetch includes (but not limited to):
- User Principal Name (As a unique identifier)
- First Name
- Last Name
- Display Name
- Job Title
Our customers can choose to fetch any other attributes apart from the above as per their individual needs. With our Attribute based Access Control (ABAC), you can decide which information will be used on new user creation and which ones on user modifications.
Entitlements in Azure
IDHub Azure Connector pulls only 1 types of entitlement from Azure for provisioning and de-provisioning.
Employees of your organization can request for Azure Groups as needed.
Also as part of Microsoft Azure connector, we establish connection with Azure to fetch all Azure groups and their roles that can be assigned to an individual.
Users require to pick role(s) as desired while requesting for a group. These roles are very specific to the group and as designed by Azure. Some of the role examples are:
These roles cannot be customized as this is created by Azure.
Upon completion of approvals based on request workflow defined by you on a particular group, the users will automatically get access to the requested group in the desired role by our automated fulfillment.
Support and Maintenance
IDHub provides out of the box connector issue support and timely maintenance as a standard quality guarantee for all of our customers having our Cloud solution. However, any customization made to existing connectors requires managed services support plan for support and maintenance.