Azure Active Directory integration beta program

Thank you for participating in the StarLeaf Azure Active Directory integration beta program. On this page:

• Features
• Pre-requisites
• How to set up the integration
• How do I report an issue or send feedback?

Organizations that use Azure Active Directory (Azure AD) for user management can integrate that with their StarLeaf account. Azure AD integration is an additional option on your StarLeaf account.

Features

• Push new users from Azure AD to StarLeaf
• Push user updates from Azure AD to StarLeaf
• Push user deactivation from Azure AD to StarLeaf

Pre-requisites for beta trialing

StarLeaf will create a trial organization for you to use for the purposes of beta trialing the Azure AD integration. We also encourage you to sign up to a free Azure AD account. This is to ensure that the beta program does not disrupt your production environment while allowing you to explore and exercise the features made available to you to their full extent. To get your free trial account, go to https://azure.microsoft.com/pricing/free-trial/ We will have a short preliminary call with you to discuss your deployment before you begin the trial.

Disclaimer
Azure AD integration is in beta development and is still undergoing testing. We strongly discourage the deployment of this in your production environment. StarLeaf will not be liable for any loss, either direct or indirect, suffered as a result of deploying this feature in your production environment and services.

How to set up the integration

Before you can configure StarLeaf provisioning in Azure AD, you need to know the the Tenant URL and Secret Token. We will tell you what these are during our short preliminary call.

1. Log in to the Azure portal https://portal.azure.com .
2. Go to Azure Active Directory > Enterprise applications > Add an application -> Non-gallery application.
3. Give the application a name and choose Add.
4. In the new application:
   1. Choose Provisioning and change the Provisioning Mode to Automatic.
   2. Enter the Tenant URL and Secret Token.
   3. Choose Test Connection and this confirms that you have used the correct credentials.
   4. Choose Save.
5. Configure Mappings so that the table looks like this:

   Azure AD attribute	Customapp attribute	matching precedence
   Compulsory attributes
   mailNickname	externalId	1
   userPrincipalName	username	2
   Not([IsSoftDeleted])	active
   userPrincipalName	emails[type eq “work”].value
   The following attributes are dependent on your AD configuration, but will include some of:
   givenName	name.givenName
   surname	name.familyName
   displayName	name.formatted
   mobile	phoneNumbers[type eq “mobile”]
   telephoneNumber	phoneNumbers[type eq “work”]
   preferredLanguage	preferredLanguage

   Save the attribute mappings and Azure will synchronize the users to the Portal. This may take a few minutes depending on how many users there are.

Troubleshooting and tips

If you think your access token has been compromised, you must create a new token. In the StarLeaf Portal, go to the Azure Active Directory Integrationand select Regenerate access token and click Apply. You must enter the new token in Azure AD as the Secret Token.

How do I report an issue or send feedback?

Please email beta@starleaf.com with any feedback you might have.