All Collections
Azure AD IAM Integration
Azure AD IAM Integration
Stephen Krzeminski avatar
Written by Stephen Krzeminski
Updated over a week ago

To get started with the Azure AD IAM integration, click on the Settings button in the upper-right and select Integrations.

Click on Add to SkyPrep on the Microsoft Azure AD card.

Click on Connect your Microsoft Azure AD Account and sign in if requested.

You may be prompted to allow permissions. Accept if you see this message.

Next, Enable the feature and configure the integration's basic behavior.

You can also set the platform behaviour for users that are marked as terminated in Azure. If necessary, you can have their logins disabled, preventing them from accessing the platform and being counted as an active user while also retaining their records.

Auto Import New Users allows JIT creation in SkyPrep, with new Azure users being added to the SkyPrep platform.

Enable Email Notifications on New User Creation will send the login credentials to newly created users as well as allow other emails, such as course completion notification emails to be sent.

โ€‹Remove users from groups they are no longer a part of in Microsoft Azure AD allows you to manage enrolment in real time. If a user is removed from a Group, they are also unenrolled from all courses assigned via that group.

โ€‹Deactivate users in the LMS that are no longer in Microsoft Azure AD is similar to Terminate Date Action, but instead activates upon their removal from Azure rather than their termination date being set.

Reactivate terminated users in the LMS that are no longer terminated in Microsoft Azure AD will restore a disabled user's access if there is no longer a termination date associated with their profile.

Next, click on Data Mapping.

Configure your Data Mapping and make sure to include the first name, last name, and email as they are mandatory for account creation, syncing, and login. Additionally, the email field must be unique for all users.

Primary Microsoft Azure AD Value is the main data field that SkyPrep will pull from, while Secondary Microsoft Azure AD Value is the field that SkyPrep will use if the Primary is empty.

If you are on a Azure plan that supports SSO and you intend to use it with SkyPrep, you should use SAML and ensure that your chosen attributes reflect the setup you have here.

To view supported SAML claims, click here.

Next, click Import Rules, then on Add Rule.

Here you can set up different rules to determine which users will show up in your import list. Just make sure to click Save Rules at the bottom of your page once you're done.

Please note that this acts as a failsafe and users who you manually import will have to match these rules as well.

You can add multiple rules to tailor the behavior to your needs.

Finally, click on the Users tab. You will see a list of users populate based on your selected import rules and data mapping. Clicking on Actions beside a user will allow you to view the payload associated with that user.

Did this answer your question?