Search Results :

×

Azure AD SCIM Provisioning and Sync in DNN


DNN SCIM User Provisioning and Sync provides an option to sync users (create, update, delete and deactivate) in real-time from Microsoft Entra ID (formerly Azure AD) to DNN. SCIM is an open standard that allows for the automation of user provisioning. User provisioning and sync is the process of creating, reading, and updating a user's account information and access policies for multiple applications and systems simultaneously. Users are given the adequate amount of access and permissions based on their role and duties within an organization. User provisioning maintains security and compliance standards while ensuring that the employees have just the right level of access to the organization's resources to carry out their set of tasks. Follow the step-by-step guide to configure PingOne User (SCIM) Provisioning in DotNetNuke (DNN).

Download & Installation

  • Download the DNN SCIM User Provisioning & Sync module.
  • Now go to Settings >> Extensions and click on Install Extension for installing the miniOrange DNN SCIM User Provisioning module.
  • DotNetNuke (DNN) SCIM User Provisioning with Azure AD | DNN SCIM - Install DotNetNuke DNN SCIM Extension
  • Click on miniOrange User Provisioning and Sync to drag-and-drop this module on any section of the page.
  • DotNetNuke (DNN) SCIM User Provisioning with Azure AD | DNN SCIM - Add DNN SCIM Provisioning module

You have successfully installated the DNN SCIM module on your DNN website.

1. Configure DNN as SCIM server

  • Navigate to the DNN SCIM Settings tab to configure DNN SCIM & User Provisioning module.
  • Copy the SCIM Provisioning URL and Bearer Token, and keep it handy, we will require it later.
  • DotNetNuke (DNN) SCIM User Provisioning with Azure AD | DNN SCIM - Copy DNN SCIM URL & OAuth Bearer Token

Under SCIM Operations you can perform the following two operations:

A] Provisioning
  • Create User - To create a user provisioned to the DNN website
  • Update User - To update a user provisioned to the DNN website
  • DotNetNuke (DNN) SCIM User Provisioning with Azure AD | DNN SCIM - DotNetNuke DNN Provisioning Step
B] Deprovisioning [PREMIUM+]
  • Delete User - To delete a user in your DNN website
  • Deactivate User - To deactivate a user in your DNN website
  • Enable Deprovisioning for Administrators - To enable deprovisioning at the administrator level
  • DotNetNuke (DNN) SCIM User Provisioning with Azure AD | DNN SCIM - DotNetNuke DNN Deprovisioning Step

Navigate to Attribute Mapping section to map IDP attributes to your DNN website.

  • You can map any attributes of the IdP to the attributes in the users table of your database.
  • According to SCIM protocol, attributes received from IDP are "userName", "emails", "givenName", "familyName".
  • Attribute Name Attribute Value
    Username userName
    Email emails
    First Name givenName
    Last Name familyName
    Custom Attribute Mapping This feature is available in the premium+ version.
  • After successfully configuring basic attribute mapping, click on Save Mapping.
  • DotNetNuke (DNN) SCIM User Provisioning with Azure AD | DNN SCIM - DNN SCIM Attribute Mapping

2. Configure Azure AD as SCIM client

  • Login into your Microsoft Azure portal.
  • Select Enterprise applications from the Azure services section.
  • DotNetNuke (DNN) SCIM User Provisioning with Azure AD | DNN SCIM - Click on Enterprise applications
  • Then, click on the New application.
  • DotNetNuke (DNN) SCIM User Provisioning with Azure AD | DNN SCIM - Click on the New application link to create a application
  • In the Browse Azure AD Gallery page, click on the Create your own application button.
  • DotNetNuke (DNN) SCIM User Provisioning with Azure AD | DNN SCIM - Click on Create your own application
  • In the Create your own application popup window,
    • Enter the app name in the What's the name of your app? text field.
    • Under the What are you looking to do with your application?, select the 3rd option i.e. Integrate any other application you don't find in the gallery (Non-gallery).
    • Click on the Create button to complete the create application flow.
    • DotNetNuke (DNN) SCIM User Provisioning with Azure AD | DNN SCIM - To create a application
  • From the left side, click on Provisioning.
  • DotNetNuke (DNN) SCIM User Provisioning with Azure AD | DNN SCIM - Click on Provisioning
  • Then, click on the Get started button.
  • DotNetNuke (DNN) SCIM User Provisioning with Azure AD | DNN SCIM - Get started
  • Select Provisioning Mode as Automatic from the dropdown menu.
  • DotNetNuke (DNN) SCIM User Provisioning with Azure AD | DNN SCIM - Select Automatic Provisioning Mode
  • Now, go back to the Azure portal. Under the Admin Credentials section, paste the copied SCIM Provisioning URL and Bearer Token value into the Tenant URL and Secret token field respectively.
  • DotNetNuke (DNN) SCIM User Provisioning with Azure AD | DNN SCIM - Paste the SCIM Base URL & Secret Token
  • Then, click on the Test Connection button to test the connection between Microsoft Entra ID (formerly Azure AD) and DNN.
  • If the connection is established, a success message will pop up in the upper right corner.
  • After a successful connection, click on the Save button.
  • DotNetNuke (DNN) SCIM User Provisioning with Azure AD | DNN SCIM - Save SCIM BASE URL and Token

    NOTE: In case the test connection fails, please reach out to us at dnnsupport@xecurify.com along with the screenshot of the error window. We will help you resolve the issue and assist you with the setup.

  • Go to the Provisioning menu from the left side navigation panel. Navigate to the Settings section, and then select Sync only assigned users and groups from the Scope dropdown.
  • DotNetNuke (DNN) SCIM User Provisioning with Azure AD | DNN SCIM -  Sync only assigned users and groups from the Scope dropdown
  • Set the Provisioning Status toggle button to On and click on the Save button.
  • DotNetNuke (DNN) SCIM User Provisioning with Azure AD | DNN SCIM - Turn on Azure AD provisioning
  • In the Getting Started section, click on the Assign users and groups link.
  • DotNetNuke (DNN) SCIM User Provisioning with Azure AD | DNN SCIM - From the Getting started section, click on the Assign users and groups link
  • Click on the Add user/group button.
  • DotNetNuke (DNN) SCIM User Provisioning with Azure AD | DNN SCIM - Click on Add user/group button
  • In the Add Assignment window, under Users, click on None Selected.
  • DotNetNuke (DNN) SCIM User Provisioning with Azure AD | DNN SCIM - In the Add Assignment window, under Users, click on the None Selected
  • Open the Users popup window, enter the user name into the search box, then select the user and click the Select button.
  • Then, click on the Assign button.
  • DotNetNuke (DNN) SCIM User Provisioning with Azure AD | DNN SCIM - Click on Assign button
  • You can see the user successfully assigned to your application.
  • DotNetNuke (DNN) SCIM User Provisioning with Azure AD | DNN SCIM - The user successfully assi to the application
  • Navigate to Provision on demand from the left panel.
  • Search for user and group by name, userPrincipalName, or mail in the Search box, and then provision one of the users assigned to this Enterprise application.
  • Click on the Provision button.
  • DotNetNuke (DNN) SCIM User Provisioning with Azure AD | DNN SCIM - Navigate to provision on Demand

You have successfully configured the miniOrange DNN SCIM User Provisioning module with Microsoft Entra ID (formerly Azure AD). You can configure DotNetNuke (DNN) User Provisioning and Sync with Okta, Salesforce, OneLogin, PingFederate, Centrify, JumpCloud as well as with your own custom IDP.

Additional Resources


Need Help?

Contact us on dnnsupport@xecurify.com and we'll help you set up DotNetNuke Two Factor Authentication (2FA), for quick guidance (via email/meeting) on your requirement and our team will help you to select the best suitable solution/plan as per your requirement.

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com