Azure AD SCIM Provisioning and Sync in DNN
DNN SCIM User Provisioning and Sync provides an option to sync users (create, update, delete and deactivate) in real-time from Microsoft Entra ID (formerly Azure AD) to DNN. SCIM is an open standard that allows for the automation of user provisioning. User provisioning and sync is the process of creating, reading, and updating a user's account information and access policies for multiple applications and systems simultaneously. Users are given the adequate amount of access and permissions based on their role and duties within an organization. User provisioning maintains security and compliance standards while ensuring that the employees have just the right level of access to the organization's resources to carry out their set of tasks. Follow the step-by-step guide to configure PingOne User (SCIM) Provisioning in DotNetNuke (DNN).
Download & Installation
- Download the DNN SCIM User Provisioning & Sync module.
- Now go to Settings >> Extensions and click on Install Extension for installing the miniOrange DNN SCIM User Provisioning module.
- Click on miniOrange User Provisioning and Sync to drag-and-drop this module on any section of the page.
You have successfully installated the DNN SCIM module on your DNN website.
1. Configure DNN as SCIM server
- Navigate to the DNN SCIM Settings tab to configure DNN SCIM & User Provisioning module.
- Copy the SCIM Provisioning URL and Bearer Token, and keep it handy, we will require it later.
Under SCIM Operations you can perform the following two operations:
A] Provisioning
- Create User - To create a user provisioned to the DNN website
- Update User - To update a user provisioned to the DNN website
B] Deprovisioning [PREMIUM+]
- Delete User - To delete a user in your DNN website
- Deactivate User - To deactivate a user in your DNN website
- Enable Deprovisioning for Administrators - To enable deprovisioning at the administrator level
Navigate to Attribute Mapping section to map IDP attributes to your DNN website.
- You can map any attributes of the IdP to the attributes in the users table of your database.
- According to SCIM protocol, attributes received from IDP are "userName", "emails", "givenName", "familyName".
- After successfully configuring basic attribute mapping, click on Save Mapping.
| Attribute Name | Attribute Value |
| Username | userName |
| emails | |
| First Name | givenName |
| Last Name | familyName |
| Custom Attribute Mapping | This feature is available in the premium+ version. |
2. Configure Azure AD as SCIM client
- Login into your Microsoft Azure portal.
- Select Enterprise applications from the Azure services section.
- Then, click on the New application.
- In the Browse Azure AD Gallery page, click on the Create your own application button.
- In the Create your own application popup window,
- Enter the app name in the What's the name of your app? text field.
- Under the What are you looking to do with your application?, select the 3rd option i.e. Integrate any other application you don't find in the gallery (Non-gallery).
- Click on the Create button to complete the create application flow.
- From the left side, click on Provisioning.
- Then, click on the Get started button.
- Select Provisioning Mode as Automatic from the dropdown menu.
- Now, go back to the Azure portal. Under the Admin Credentials section, paste the copied SCIM Provisioning URL and Bearer Token value into the Tenant URL and Secret token field respectively.
- Then, click on the Test Connection button to test the connection between Microsoft Entra ID (formerly Azure AD) and DNN.
- If the connection is established, a success message will pop up in the upper right corner.
- After a successful connection, click on the Save button.
- Go to the Provisioning menu from the left side navigation panel. Navigate to the Settings section, and then select Sync only assigned users and groups from the Scope dropdown.
- Set the Provisioning Status toggle button to On and click on the Save button.
- In the Getting Started section, click on the Assign users and groups link.
- Click on the Add user/group button.
- In the Add Assignment window, under Users, click on None Selected.
- Open the Users popup window, enter the user name into the search box, then select the user and click the Select button.
- Then, click on the Assign button.
- You can see the user successfully assigned to your application.
- Navigate to Provision on demand from the left panel.
- Search for user and group by name, userPrincipalName, or mail in the Search box, and then provision one of the users assigned to this Enterprise application.
- Click on the Provision button.
NOTE: In case the test connection fails, please reach out to us at dnnsupport@xecurify.com along with the screenshot of the error window. We will help you resolve the issue and assist you with the setup.
You have successfully configured the miniOrange DNN SCIM User Provisioning module with Microsoft Entra ID (formerly Azure AD). You can configure DotNetNuke (DNN) User Provisioning and Sync with Okta, Salesforce, OneLogin, PingFederate, Centrify, JumpCloud as well as with your own custom IDP.
Additional Resources
Need Help?
Contact us on dnnsupport@xecurify.com and we'll help you set up DotNetNuke Two Factor Authentication (2FA), for quick guidance (via email/meeting) on your requirement and our team will help you to select the best suitable solution/plan as per your requirement.
Need Help? We are right here!
