Benemen AzureAD Synchronization
Anchor | ||||
---|---|---|---|---|
|
...
Reading AzureAD information is done via Azure Graph API. This requires that new application must be registered to Azure Active Directory in Azure portal and rights to read directory data must be granted.
Detailed instructions for setting up app registration in chapter 4.
Anchor | ||||
---|---|---|---|---|
|
...
Fields for User information
BenePortal attribute | Description | Source |
UserEmail | Email of User. Username when login to BeneDesk |
FirstName | First name |
LastName | Last name |
AltEmail | Alternative email to send password recovery emails etc. |
ContractName | Contract name |
BillingContractName | Billing contract name. |
UserCountry | User Country |
UserRegion | User region in TZ-format (Europe/Helsinki) |
UserLanguage | User language in RFC 1766 format (fi-FI, en-GB etc.) |
CostCenter | Cost Center |
ExtAuthUserName | Username used if External authentication is used |
ExtAuthDomain | Domain, if external authentication is used |
Source can be:
- Constant default value, set for all users
- Value from AzureAD attribute. Will override constant default value if found
- If left unmapped, value can be set in portal and will not be overwritten in sync
...
Fields for Directory information
Directory field | Description | Source for Users | Source for DirectoryEntries |
ExternalId | External ID, if directory is synced from external system |
Email* | Email Address | BenePortal: UserEmail |
FirstName* | First Name | BenePortal: FirstName |
LastName* | Last Name | BenePortal: LastName |
Description | Description is usually left for switchboard usage |
Title | Title |
WorkNumber* | Work number | BenePortal: Work number |
MobileNumber* | Mobile number | BenePortal: Mobile number |
OtherNumber | Other number |
Company | Company name |
|
Subcompany | Sub company |
Location | Location |
Department | Department |
Group | Group |
Team | Team |
Superior | If mapped to Manager, DisplayName of user linked as manager is set. |
Substitute | Substitute |
Address | Address |
PostalCode | Postal code |
City | City |
Country | Country |
PhoneticName | Phonetic name |
Technical fields
Registering Directory Synchronization on Azure Portal
...
- Click Grant admin consent and then Yes for confirmation pop-up
- Select Certificates & secrets.
- Add new client secret
- Enter proper description, select Expires = Never and click Add
...
- Copy value of new secret to be sent to Benemen
- Go to overview tab and copy value of Application (client) ID
...