How to set up user and group sync from Microsoft Azure (Entra ID) to Uniqkey using a standard Enterprise Application.
Instructions
Step 1: Log in to your Microsoft Azure/Entra ID
Step 2: Navigate to Enterprise Applications
Step 3: Create the Uniqkey Enterprise Application
- Click "New application"
- Click "Create your own application"
- Enter a suitable name and select "Non-gallery" in the settings.
- Click "Create" in the bottom right corner.
Step 4: Set up automatic provisioning
- Navigate to "Provisioning"
- Click "Connect your application"
- Make sure the "authentication method" is set to Bearer authentication.
- Find the Tenant URL and Secret Token in your Uniqkey Admin portal -> Settings -> Integrations
- If no Secret Token is visible in the Uniqkey admin portal, click the "Generate" button to generate one.
NOTE: If you already have a secret token and re-generate it, the previous token will no longer be valid.
About SCIM settings in Uniqkey
- Automatic invitation: This automatically sends an activation link to the users after they have been provisioned to Uniqkey. If you wish to control when users are allowed to activate their Uniqkey account, leave this disabled.
- Require mobile authentication for groups provisioned via SCIM: Is data in the SCIM groups visible to phoneless users? Enabled = no.
- Require mobile authentication for users provisioned via SCIM: Are users provisioned via SCIM required to use a Uniqkey mobile app? Enabled = yes.
Individual settings for users and groups can be enabled and will override the default SCIM settings.
- Enter the Tenant URL and Secret Token in Azure and click "Test connection"
- Once the test is complete, click "Create" at the bottom.
Step 5: Assign users and groups
- In the menu on the left, expand the "Manage" tab and click "Users and groups"
- Click "Add user/group" at the top and select the desired users/groups.
Deciding who you want to provision to Uniqkey
- Users: Individual users can be added regardless of your Microsoft Azure license tier. Users will be provisioned to Uniqkey with the status Staged.
If you have enabled automatic invitation for SCIM users in the Uniqkey admin portal, they will receive an invitation email once an administrator in your organisation opens their Uniqkey mobile app.
- Groups: Your Microsoft Azure license might not support group provisioning. If you can't add groups, see Microsoft's documentation for further information. SCIM 2.0 supports global security groups and only members directly assigned to the group will be provisioned. Nested groups are not supported.
Members of the groups will be provisioned to Uniqkey, and by default be allowed to store data in the groups specified. This can be disabled in the Uniqkey admin portal -> Organisation -> Groups -> (Group Name) -> Settings.
If a user is a member of a group assigned to the Enterprise Application, it's not necessary to also assign the user individually.
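To preview the effect of the user and group rules above before assigning anything, the following added example (not Uniqkey or Microsoft code) computes who would be provisioned, who would be missed because they are only reachable through a nested group, and which individual assignments are unnecessary. The directory data and all names are constructed; in practice the membership would come from an export of your own groups.

```python
# Added example: preview who an enterprise-app assignment would provision.
# Directory contents and all names below are constructed for illustration.

# group name -> direct members, each a ("user" | "group", name) pair
DIRECTORY = {
    "sec-finance": [("user", "alice"), ("user", "bob"),
                    ("group", "sec-finance-contractors")],
    "sec-finance-contractors": [("user", "carol")],
    "sec-it": [("user", "dave")],
}

def direct_users(directory, group):
    return {name for kind, name in directory.get(group, []) if kind == "user"}

def provisioning_scope(directory, assigned_groups, assigned_users):
    """Apply the rules from the text: individually assigned users and direct
    members of assigned groups are provisioned; nested groups are not expanded."""
    via_group = set()
    for group in assigned_groups:
        via_group |= direct_users(directory, group)
    in_scope = via_group | set(assigned_users)

    # Users reachable only through nesting: they will NOT be provisioned.
    missed = {}
    for root in assigned_groups:
        seen = {root}  # guard against cyclic nesting
        stack = [(n, [root, n]) for k, n in directory.get(root, []) if k == "group"]
        while stack:
            group, path = stack.pop()
            if group in seen:
                continue
            seen.add(group)
            for kind, name in directory.get(group, []):
                if kind == "group":
                    stack.append((name, path + [name]))
                elif name not in in_scope:
                    missed.setdefault(name, path)

    return {
        "in_scope": in_scope,
        "missed_nested": missed,
        # Individual assignments made unnecessary by a group assignment.
        "redundant_individual": set(assigned_users) & via_group,
    }

if __name__ == "__main__":
    report = provisioning_scope(DIRECTORY, ["sec-finance"], ["alice", "erin"])
    for key, value in report.items():
        print(f"{key}: {value}")
```

Anyone listed under `missed_nested` needs to be added to an assigned group directly or assigned individually before they will be provisioned.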
Step 6: Start the provisioning
- Start the provisioning via the "Overview" tab in the menu on the left. Afterwards, the sync will run from Azure to Uniqkey every 45 minutes.