Brief AI

SCIM (System for Cross-domain Identity Management) is a standard protocol commonly used to automate the exchange of user identity information between an organization’s directory and connected applications. With SCIM, you can ensure that user accounts are automatically created, updated or deactivated in sync with your Azure AD configuration.

Setting up SCIM provisioning for your organization will require actions from Brief AI. Please get in touch if your organization would like to enable SCIM-based user lifecycle management to streamline onboarding and offboarding. Once SCIM is enabled, Brief AI support will no longer be able to create or delete user accounts on your behalf.

For segregated environments, a dedicated SCIM endpoint and app domain will be provided (for example <code>https://organisation.wiseworks.ai</code>). Your Brief AI contact will confirm if this applies to your deployment.

Before starting, please make sure you have received the following from Brief AI:

To set up SCIM, please make following changes to the <a href="https://help.wiseworks.ai/en/articles/313555-azure-active-directory-ad-sso-calendar-synchronization-setup-for-it-admin-of-enterprises-using-azure-ad-sso">already-configured</a> enterprise application:

2. Open the Enterprise Application in Azure

Select the existing Brief AI enterprise application already used for SSO.

1. Log in to the Azure Portal.
2. Go to Enterprise applications.
3. Select the existing Brief AI enterprise application already used for SSO.

In the application menu, select Provisioning.

Enter the Tenant URL and Secret Token provided by Brief AI.

When the test succeeds, click Save.

1. In the application menu, select Provisioning.
2. Choose Connect your application.
3. Enter the Tenant URL and Secret Token provided by Brief AI.
4. Click Test connection.
5. When the test succeeds, click Save.

SCIM requires Azure AD to send a single combined role value for each user. This value tells Brief AI:

what access level they should have (User or Admin)

- which organisation the user belongs to
- what access level they should have (User or Admin)

The required role value depends on whether your organisation uses multiple Brief AI organisations or only one.

If your organisation uses multiple Brief AI organisations

- <code>RED.USER</code>
- <code>BLUE.ADMIN</code>

If your organisation uses only one Brief AI organisation

Go to Azure Active Directory &gt; App registrations.

Select the App Registration associated with the Brief AI Enterprise Application.

If you only have a single organisation, configure with just the role:

Repeat for each required role value. If using multiple organisations, you will have two roles per organisation. Example:

- <code>RED.USER</code>
- <code>RED.ADMIN</code>
- <code>BLUE.USER</code>
- <code>BLUE.ADMIN</code>

1. Go to Azure Active Directory &gt; App registrations.
2. Select the App Registration associated with the Brief AI Enterprise Application.
3. Open Manage &gt; App roles.
4. Click Create app role.
5. Fill in the fields as follows:
 
 
 If you only have a single organisation, configure with just the role:
 

6. Repeat for each required role value. If using multiple organisations, you will have two roles per organisation. Example:
 - <code>RED.USER</code>
 - <code>RED.ADMIN</code>
 - <code>BLUE.USER</code>
 - <code>BLUE.ADMIN</code>

Azure AD must send the App Role value (<code>RED.USER</code>, <code>BLUE.ADMIN</code>, <code>USER</code>, etc.) to Brief AI through the SCIM roles attribute.

In the Enterprise Application, select Attribute mapping (Preview).

Locate or create a mapping for the SCIM <code>roles</code> attribute.

- Mapping type: Expression
- Expression: SingleAppRoleAssignment([appRoleAssignments])
- Target attribute: roles[primary eq "True"].value
- Match objects using this attribute: No
- Apply this mapping: Always

1. In the Enterprise Application, select Attribute mapping (Preview).
2. Locate or create a mapping for the SCIM <code>roles</code> attribute.
3. Set the following:
 - Mapping type: Expression
 - Expression: SingleAppRoleAssignment([appRoleAssignments])
 - Target attribute: roles[primary eq "True"].value
 - Match objects using this attribute: No
 - Apply this mapping: Always

In the Enterprise Application, select Users and groups.

Choose the correct App Role from the list.

1. In the Enterprise Application, select Users and groups.
2. Click Add assignment.
3. Select a user.
4. Choose the correct App Role from the list.
5. Click Assign.

Azure AD will now automatically create, update, or deactivate the user in Brief AI based on this role.

SCIM Setup (For IT Admin of Enterprises Using Azure AD SSO)

Find answers and get help from Intercom Support and Community Experts

This site employs cookies and other technologies that we and our third party vendors use to monitor and record personal information about you and your interactions with the site (including content viewed, cursor movements, screen recordings, and chat contents) for the purposes described in our Cookie Policy. By continuing to visit our site, you agree to our {websiteTermsLink}, {privacyPolicyLink} and {cookiePolicyLink}.

This site uses cookies and similar technologies ("cookies") as strictly necessary for site operation. We and our partners also would like to set additional cookies to enable site performance analytics, functionality, advertising and social media features. See our {cookiePolicyLink} for details. You can change your cookie preferences in our Cookie Settings.

We use cookies to make our site work and also for analytics and advertising purposes. You can enable or disable optional cookies as desired. See our {cookiePolicyLink} for more details.

Advertising cookies are set by our advertising partners to collect information about your use of the site, our communications, and other online services over time and with different browsers and devices. They use this information to show you ads online that they think will interest you and measure the ads' performance. Social media cookies are set by social media platforms to enable you to share content on those platforms, and are capable of tracking information about your activity across other online services for use as described in their privacy policies.

These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.

These cookies are necessary for the website to function and cannot be switched off in our systems.

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site.

You have the right to opt out of the sale of your personal information. See our {cookiePolicyLink} for more details about how we use your data.

Your Privacy Choices

We use cookies to enhance your experience. You can customize your cookie preferences below. See our {cookiePolicyLink} for more details.

Cookie Settings

Link, Press control-option-right-arrow to exit

Empty Help Center

Uh oh. That page doesn’t exist.

Disappointed

Neutral

Smiley

Thinking...

Searching through sources...

Analyzing...

Tickets submitted through the messenger or by a support agent in your conversation will appear here.

SCIM Setup (For IT Admin of Enterprises Using Azure AD SSO)

SCIM setup

1. Prerequisites

2. Open the Enterprise Application in Azure

3. Connect SCIM Provisioning

4. Create App Roles (Required for SCIM)

If your organisation uses multiple Brief AI organisations

If your organisation uses only one Brief AI organisation

Creating App Roles in Azure

5. Add SCIM Attribute Mapping

6. Assign Roles to Users