---
title: "Integrating Azure for Provisioning"
slug: "azure-provisioning"
updated: 2026-04-16T07:17:12Z
published: 2026-04-29T10:55:15Z
---

> ## Documentation Index
> Fetch the complete documentation index at: https://docs.britive.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Integrating Azure for Provisioning

This guide provides details about Britive and Azure provisioning integration.

## Configuration Steps

### Configuring an Identity Provider on Britive

An identity provider needs to be created in Britive for SSO.

1. Log in to the Britive application with administrator privileges.
2. Click on **System admin**->**Identity Management** from the navigation menu.
3. Click on the **Identity Providers** tab.
4. Click on the **Add Identity Provider** button.
5. Enter name and description.
6. Select **Identity Provider Type** as SAML.
7. Click **Add**. A configuration page is displayed.

### Configuring Provisioning on Britive

1. Copy the **SCIM URL** and note it down. This URL is entered later to configure on the identity provider portal.
2. Click on the **Edit** button under **Additional Settings**in the **SCIM** tab.
  1. Select **the Allow tag name and description to be editable** option to allow editing of tags for externally managed tags.
3. Click on the **Edit** button under **SCIM Provider** in the **SCIM** tab.
  1. Select **Azure** from the drop-down list to configure Microsoft Entra ID.
  2. Save the changes by clicking the icon next to the selection.
  3. Click on **Create Token**.
  4. Enter the validity of the token and create a token. Copy this generated token and note it down. Click **OK**. This token is not displayed again. This token is entered later on the identity provider portal.
  5. Click on the **Recreate token**button to generate a new token, if needed.
  6. Click on **Edit token validity**to update the validity.
4. Map the incoming attributes using the procedure explained in **User mapping**.

#### User mapping

After provisioning, by default, seven attributes from the identity provider are mapped to a Britive user.

You can see the mapped attributes by checking the **Mapped Attributes** checkbox in the **User Mapping** section. Out of these attributes, *Status*, *Email*, *First Name*, *Last Name*, and *Username* are mandatory attributes. The identity provider must send these attributes for the user to be created in Britive.

Additional user attributes from the identity provider can be configured in Britive. Follow these steps to map additional attributes:

1. Select **System admin**-> **Identity Management** from the navigation menu.
2. Click on the **Identity Attributes** tab.
3. Create a new attribute by clicking the **Add Identity Attribute** button.
4. Enter the following values on the **Add Identity Attribute** page:
  1. Enter the name and description of the attribute.
  2. Select the type of attribute from the drop-down list.
  3. Check **Multi Valued** field for attributes that can have multiple values. For example, user roles.
  4. Click **Add**. The created attribute is displayed in the list of identity attributes.
5. Click the **Identity Providers** tab.
6. Select the identity provider and click on the **SCIM** tab.
7. Uncheck the **Mapped Attributes** checkbox to see the list of unmapped attributes.
8. Click **Edit**.
9. Map the identity attribute with the incoming SCIM attribute.
10. To add custom attributes, select the identity attribute and type the name of the custom attribute as defined in the IDP.
11. Click **Save**.

## Configuring Azure for Provisioning

**Note:** If the Britive application is already created, step #3 can be skipped.

As a best practice, Britive suggests granting access to Britive profiles via groups. For more information, see [Group Sync with SCIM](/v1/docs/group-sync-with-scim).

Follow the steps below for configuring SCIM provisioning between Microsoft Entra ID and Britive:

1. Log in to the [Microsoft Azure portal](https://portal.azure.com) with the necessary permissions to create applications.
2. From the portal menu, click on **Microsoft Entra ID**.
3. Create Enterprise Application:
  1. Click on **Enterprise applications** from the navigation menu.
  2. Click on the **+ New application** button.
  3. Search for **Britive** from the **Enterprise Applications** gallery.
  4. Select **Britive** from the results panel.
  5. Britive application details are displayed. Change the application name, if required.
  6. Click **Create**.
4. Configure SCIM provisioning:
  1. Click **Provisioning** from the navigation menu.
  2. Set the **Provisioning Mode** to **Automatic**.
  3. Enter the following values under the **Admin Credentials**section:
    1. Enter the Britive SCIM URL into the **Tenant URL** field.
    2. Enter the SCIM token generated from Britive into the **Secret Token** field.
    3. Select **Bearer Token** as an authentication method. These values are generated in the Creating an Identity Provider on Britive step.
  4. Click on **Test Connection**. If the connection is successful, save the configuration. If not, review the settings and try again.
5. Configure mappings:
  1. Ensure the user attributes (email, name, etc.) are mapped correctly.
  2. Add custom attributes by following the Azure documentation and using the same attribute name as defined above. The namespace for custom attributes is *urn:ietf:params:scim:schemas:extension:custom:2.0:User* and then map the custom attribute with the Azure attribute for the user.
  3. Enter the following under **Provision Azure AD Groups:**
    1. Enable group provisioning.
    2. Ensure *displayName* and *members* are mapped.
6. Assign users and groups to the Britive application.
7. Start provisioning:
  1. Return to the **Provisioning** tab and click **Start provisioning**.
  2. Check the provisioning status after 20 minutes. If the provisioning status is complete, log in to Britive and make sure the users and tags are created.
  3. Monitor sync status in logs.
8. If there are any errors in the provisioning logs, review the errors and try again.

For more information about attribute mapping, see [Tutorial - Customize user provisioning attribute-mappings for SaaS applications in Microsoft Entra ID](https://docs.microsoft.com/en-us/azure/active-directory/app-provisioning/customize-application-attributes).

The following section describes how to create a user and assign roles to that user in Microsoft Entra ID.

#### Adding user

Follow these steps to create a test user:

1. From the left pane in the Azure portal, select **Microsoft Entra ID**, select **Users**, and then select **All users**.
2. Select **New user** at the top of the screen.
3. On the **User Properties**page, follow these steps:
  1. In the **Name** field, enter the name of the test user.
  2. In the **User** name field, enter the username@companydomain.extension.
  3. Select the **Show password** check box, and then write down the value that's displayed in the **Password** box.
  4. Click **Create**.

**Note:** While integrating Britive and Microsoft Entra ID for SCIM protocol, it is mandatory to create a user with a First name, last name, and email. If any of these mandatory attributes are missing in Microsoft Entra ID, those users are not created in Britive.

For more information about adding users in Microsoft Entra ID, see [Add or delete users in Microsoft Entra ID](https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/add-users-azure-active-directory).

#### Assign the Microsoft Entra ID test user

This section describes how to enable a user to use Azure single sign-on by granting access to the **Britive** application.

1. In the Azure portal, select **Enterprise Applications**, and then select **All applications**.
2. In the applications list, select **Britive**.
3. On the app's overview page, find the **Manage** section and select **Users and groups**.
4. Select **Add user**, then select **Users and groups** in the **Add Assignment** dialog.
5. In the **Users and groups** dialog, select the user created in the previous section from the Users list, then click the **Select** button at the bottom of the screen.
6. If you are expecting a role to be assigned to the users, you can select it from the **Select a role** dropdown. If no role has been set up for this app, you see the "Default Access" role selected.
7. In the **Add Assignment** dialog, click the **Assign** button.

For more information about assigning roles to users in Microsoft Entra ID, see [Assign roles to users with Microsoft Entra ID](https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-users-assign-role-azure-portal).