azure.png

Microsoft Azure AD

Microsoft Azure Active Directory is a cloud computing platform run by Microsoft, which offers access, management, and development of applications and services through global data centers.

SAML/SSO
Microsoft

Connect to Microsoft

Overview

Our Microsoft Azure Active Directory integration uses a dedicated Azure Active Directory based connector for accessing and maintaining Azure groups and users.

We use SCIM protocols to connect to your Azure tenant using REST APIs.

Account in Azure

IDHub pulls all azure user account information from your Azure tenant.

User Account attribute we fetch includes (but not limited to):

  • User Principal Name (As a unique identifier)
  • First Name
  • Last Name
  • Display Name
  • Department
  • Job Title

Our customers can choose to fetch any other attributes apart from the above as per their individual needs. With our Attribute based Access Control (ABAC), you can decide which information will be used on new user creation and which ones on user modifications.

Entitlements in Azure

IDHub Azure Connector pulls only 1 types of entitlement from Azure for provisioning and de-provisioning.

  • Azure Groups

Employees of your organization can request for Azure Groups as needed.

Azure Groups

Also as part of Microsoft Azure connector, we establish connection with Azure to fetch all Azure groups and their roles that can be assigned to an individual.

Users require to pick role(s) as desired while requesting for a group. These roles are very specific to the group and as designed by Azure. Some of the role examples are:

  • Member
  • Owner

These roles cannot be customized as this is created by Azure.

Upon completion of approvals based on request workflow defined by you on a particular group, the users will automatically get access to the requested group in the desired role by our automated fulfillment.

Support and Maintenance

IDHub provides out of the box connector issue support and timely maintenance as a standard quality guarantee for all of our customers having our Cloud solution. However, any customization made to existing connectors requires managed services support plan for support and maintenance.

Feature Summary

Provisioning

done
Create User
done
Modify User
done
Add User to Azure Group

De-provisioning

done
Remove User
done
Remove Azure Group from User

Reconciliation

done
Fetch Users
done
Fetch Azure Groups
done
Fetch User Assigned Groups
done
Advanced - Fetch User by Source

Additional Use Case

done
SAML/SSO Setup
done
License Management