In this article:
Organizations using Microsoft Entra ID (formerly known as Azure Active Directory) can set up the System for Cross-domain Identity Management (SCIM) for user management in Keycafe.
Business Pro Feature
Microsoft Entra ID for Keycafe is only available to users on the Business Pro plan.
Generate a SCIM Token
Note
Generating a SCIM token can only be done by the Organization owner on desktop.
- On desktop, select Settings → Identity Provisioning.
- Click Generate new SCIM token, and copy the token. Note that if you exit this page, the token will not be displayed again.
Entra ID Provisioning Setup
Log in to the Microsoft Entra portal.
From the Home screen, navigate to Entra ID → Manage → Enterprise Apps → New Registration.
Set a name for the registration, and the Supported Account Type to Single Tenant (this should be the default setting). Leave the redirect URI blank.
In your new app, navigate to Manage → Provisioning → Configure automatic provisioning (in the bottom right).
Paste your Keycafe SCIM Tenant URL in the Tenant URL field, and the Keycafe SCIM token in the Secret Token field.
Click Test Connection to confirm the Tenant URL and SCIM token are correct.
Set Up Attribute Mapping
Coming Soon
Support for mapping user roles and key access permissions is coming soon.
- Navigate to Provisioning → Manage → Attribute Mapping → Provision Microsoft Entra ID Users.
- Click Add New Mapping at the bottom of the page.
User Type
Default Value
If User Type is not specified, users will default to being created as Full Users.
- Set an appropriate Mapping Type. In this example we will use Constant, but you can read more about Mapping Types in Microsoft's Help Centre.
- Set the Constant Value as either
FULLorSMARTBOX. This will dictate whether users provisioned from Entra ID will be Full Users or SmartBox Users. - Set Target attribute to
userType.
- Click OK to complete.