Connecting the Dynamic Signal platform to Azure Active Directory is a simple way to enable automatic user provisioning in your Dynamic Signal Community. This integration supports the following:
- SAML-based Single Sign On (SSO) to log on to Dynamic Signal applications
- SCIM-compliant REST-APIs to automatically create, update, and suspend members in the Dynamic Signal platform
- Custom Schema extensions
To connect Dynamic Signal to Azure Active Directory to enable automatic user provisioning, complete the following process:
- Set Up for SCIM User Provisioning
- Configure SCIM Application in Azure Active Directory
Before starting your SSO configurations, please contact your Customer Success Manager (CSM) to enable SSO for your Community. If you plan to enable user provisioning from Azure Active Directory, refer to the following requirements:
- Enable Divisions – To fully take advantage of the SCIM provisioning, you must enable Divisions for your Community. To Enable Divisions, ask your CSM or see Enable Divisions on the Dynamic Signal Support Site.
- Access to API Page – To access the API page, go to Admin > Advanced > API. If you do not have access to your Community’s API page in the Dynamic Signal app, please ask your CSM to provide you with permissions.
Set Up for SCIM User Provisioning
You can configure SCIM user provisioning, and generate an API Token and SCIM URL, by completing the following steps:
- In the Dynamic Signal Communicator webpage (communityname.voicestorm.com/manage), go to Admin > Advanced > API to generate a new bearer token to be used in the integration with Azure Active Directory.
- In the Tokens section, click Generate New Token and enter a name for the token. Click Generate New Token again to complete the process.
This procedure creates a base64 encoded bearer token which is required to set up your SCIM application in Azure Active Directory.
Under the URLs section of the API page in Dynamic Signal, you will find the SCIM API URL which is also required later when you set up your SCIM application in Azure Active Directory.
By default, the ScimDivisionType enabled will be Group, allowing you to manage divisions through SCIM’s group endpoint. If you would like to manage your community another way, click Edit in the Division Type region and select either the UserExtensionArray or UserExtensionString. This will allow you to manage Divisions through SCIM’s users’ endpoint.
To configure your SCIM application in Azure Active Directory, see Configure SCIM Application in Azure Active Directory.