All Collections
Administrator Guide
User Management
How to configure User Provisioning SCIM from Azure AD
How to configure User Provisioning SCIM from Azure AD

Setting up your SCIM from Azure to automate the provisioning and disabling process for your users

Updated over a week ago

At this time, User Provisioning is only available to organizations on our Enterprise tier. Please email support at support@joinblink.com for more information.

In this article:

Introduction

Blink's User Provisioning (SCIM) integration allows users to automatically be provisioned and disabled, meaning your joiners and leavers process will be automated. We accept updates to the following fields:

  • First Name

  • Surname

  • Employee Id

  • Location

  • Job Title

  • Company name

  • Department

  • Manager

  • Email Address

  • Mobile Phone Number

  • Work Phone Number

  • About me

Already happy with your existing team structure? We can also sync over existing teams into Blink through the SCIM group sync. Please contact our support team if you have any questions or need any assistance.

Request a token

Before you start you will need a 'secret token' from us at Blink. Please email us at support@joinblink.com to request a SCIM token.

Set up our Azure Gallery App

Please follow the Configure Blink for automatic user provisioning tutorial to complete the installation and configuration of our Azure AD Gallery app. This app has a tailored set of default mappings meaning that in most circumstances user attributes should be correctly synchronized out of the box.

Sending invitations to users

Users that have been imported to Blink are not automatically sent invitations to download and start using Blink. However, as soon as they are imported, they should be able to download and start using Blink. You can also send each user an invite by clicking the 'Resend invite' button from their profile.

💡 Helpful Hints

Our gallery app will link an Azure AD account to an existing Blink account where the email address or employee id matches. If an existing Blink user is not found a new account will be provisioned.

If an email address or mobile phone number is in use) in another Blink organization, their account will not be created. You can define an email address in the app to receive notifications of any synchronization errors.

Azure AD syncs around once every 40 minutes, however, the initial sync can take several hours to complete if a large number of users are assigned.

Azure AD will also cause a field to be blanked on a user profile that has already been synced to Blink when Azure AD does not detect this as a change and therefore does not send a request to update the user profile in Blink accordingly. This can cause issues, particularly when trying to remove an email or a mobile phone on a disabled profile to reassign then to a new profile.

We developed a work around to solve this issue. When you wish to blank the email or the mobile phone in Blink via Azure AD, replace the email or mobile phone is Azure Ad by a dollar sign $. At the next Azure AD update, you should see the email or/and mobile phone removed in Blink.

Need help?

If you have any questions or require assistance with setting up user provisioning, please email us at support@joinblink.com.

Did this answer your question?