User Guides
Admin console EMS
Users
Add and import users
Search and filter
Bulk update
User profile
User settings
User groups
Devices
Events
Lone Worker
Dynamic frontend
User Groups
Events
Event settings
Advanced event settings
Text / Images / Audio
Recipients and permissions
Document sets
Time plan
Chat
Channels
Conference call
Documents
Checklists
Event Log
On Duty Log
Auth Groups
Tasks
Lone Worker
Lone Worker Overview
Lone Worker Settings
Vertical / Tilt Alarm
No Moving Alarm
Wifi Connection Check
Find me Alarm
Pre alarm
Customized Confirmation
SOS Alarm
Settings
Default channel settings
Event states
Event State Sets
Channels configuration
Conference Call
Sync Users
SMS Settings
Call Settings
Edge Settings
Activation
E-Mail Templates
Acronyms
Beacon
Perimeter Provider
Digital Signage
Beacon Monitoring
Notification Personalization
Application Configuration
Tenant Configuration
Channel Sequences
Media
Technical Integration Guides
Release Notes
- All Categories
- Technical Integration Guides
- SCIM Configuration in Entra ID
SCIM Configuration in Entra ID
SCIM protocol. For a reliable and efficient synchronization of users from Entra ID, s.GUARD supports the SCIM (System for Cross-domain Identity Management) protocol. Using SCIM, all modifications on…
SCIM protocol
For a reliable and efficient synchronization of users from Entra ID, s.GUARD supports the SCIM (System for Cross-domain Identity Management) protocol.
Using SCIM, all modifications on the Entra ID user base will be synchronized automatically to s.GUARD:
- Creation of new users
- Modification of existing users
- Soft delete (deactivation of users on s.GUARD)
- Deletion of users
SCIM configuration in Entra ID
The following steps give guidance on how to setup the SCIM synchronization in Entra ID:
- Log in to Microsoft Azure portal
- Go to "Microsoft Entra ID"
- Open "Enterprise Applications"
- Click "+ New application", then "+ Create your own application"
- Define a name for the application (e.g. "s.GUARD SCIM")
- Select "Integrate any other application you don't find in the gallery (Non-gallery)"
- Confirm with "Create"
- Go to "Manage -> Provisioning"
- Click "+ New configuration"
- Select authentication method "Bearer authentication"
- Enter the following Tenant URL: https://api.instasolution.ch/scim/v2
- Enter the Secret token which will be provided to you by the s.GUARD support team
- Click "Test connection"
- Confirm with "Save" if the connection has been tested successfully
- Go to "Manage -> Provisioning -> Attribute mapping"
- Select "Provision Azure Active Directory Users"
- Adapt the attribute mapping table as needed to include the attributes which shall be synchronized to s.GUARD
- Go to "Manage -> Users and groups" and assign all users and user groups that shall be synchronized with s.GUARD
- Go to "Manage -> Provisioning" and start the provisioning
Mandatory attributes
The following attributes are mandatory and must be synchronized with s.GUARD:
- userName
- name.familyName
- name.givenName
- urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:employeeNumber
- emails[type eq "work"].value
- preferredLanguage
- active
Synchronization of user groups
Assigning user groups for synchronization (Manage -> Users and groups):
It is possible to add user groups to the s.GUARD SCIM enterprise application.
In that case, all users which belong to that group will be synchronized with s.GUARD.
Synchronization of SCIM groups (Manage -> Provisioning -> Attribute mapping)
The option "Provision Microsoft Entra ID Groups" is currently not supported by s.GUARD.
This leads to the effect that a user's group membership from Entra ID will not be reflected in s.GUARD.
Silent login for the Windows desktop client
