Guide

How to setup SCIM with Azure Active Directory

BlueTally lets you save time and headaches by automatically syncing employee entries with users from Azure Active Directory. Setup your integration in only a few steps:

Log in to your Azure account

Click on "Azure Active Directory"

Click on "Enterprise applications" in the left menu bar

Click on "New application"

Click on "Create your own application"

Enter a name for the application (such as 'BlueTally SCIM'), select the "Integrate any other..." option and click "Create"

Scroll down and click on "3. Provision User Accounts"

Click on "Get started"

Change "Provisioning Mode" to Automatic, then enter the Tenant URL and Secret Token from your BlueTally account settings. Then click on "Test Connection" and "Save"

Now go back to the application overview and click on "Provisioning"

Click on "Provisioning"

Click on the "Mappings" tab, then on "Provision Azure Active Directory Users"

Click on "Show advanced options", then on "Edit attribute list for customappsso"

Add the following attribute to the list as a String type: "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:location", then click on "Save"

Click on "Add New Mapping"

Select which field in Azure AD you'd like to map to the employee's location field in BlueTally in the "Source attribute field" (in this example, we've selected "country"), then set the Target attribute to "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:location" and click on "Ok"

Click on "Save"

Now go back to the application overview and click on "Users and groups", then click on "Add user/group" to select all the AD users you want to synchronize as Employees to BlueTally

Once you've added all the users, click on "Provisioning", then click on "Start provisioning"

That's it! The synchronization will take place approx. every 40 minutes. Any changes you do to users in Active Directory will then be overwritten in BlueTally.

To sync the employee's location into BlueTally, you need to enable the Set employee location info from Identity Provider option in your BlueTally account settings under SCIM 2.0. If you'd like to sync the employee's department into BlueTally as well, you can also enable the Set employee department info from Identity Provider option.

If you remove a user from Active Directory, they are marked as "Archived" in BlueTally, but not deleted - as they might still have assets checked out to them, and it might be useful to still keep their history.

If you have any questions regarding this integration, send us an email to support@bluetallyapp.com and we'll assist you with your setup!

You can also setup SSO with Azure AD, receive notifications directly to Microsoft Teams and Slack, integrate BlueTally with Intune, or into your existing workflows by using our powerful API.

Get started for free now