Skip to main content

Entra ID Setup Guide

  • Updated

Please follow the steps below to set up SCIM (System for Cross-domain Identity Management) to provision users in Wisq. Once connected, user provisioning will be automatically managed based on assignments in Entra ID. If you have any questions about these steps, please contact your Wisq Customer Success Manager for assistance.

Prerequisites

Before you begin, ensure you have:

  • Admin access to your Microsoft Entra ID tenant

You will be provided the following by Wisq via Proton Mail:

  • Tenant URL
  • A Secret Bearer token

Setup Steps

1. Add Wisq to Microsoft Entra ID

  • Go to the Microsoft Entra admin center.
  • Navigate to ApplicationsEnterprise Applications+ New Application.
  • Click Create your own application.
  • Enter a name like Wisq SCIM Provisioning.
  • Select Integrate any other application you don't find in the gallery (Non-gallery) and click Create.

2. Configure SCIM Provisioning

  • In your new application, go to Provisioning in the left-hand menu.
  • Click Connect your application
  • Under Admin Credentials, enter the following:
    • Tenant URL
    • Secret Token
  • Click Test Connection. If successful, you’ll see a confirmation message.
  • Click Save.

3. Define Mappings

Below is a screenshot of the format we expect to receive a user’s data through SCIM. This includes the default values Microsoft Entra auto-populates. 

The left column details the format we’re expecting, and the right column is how we believe your user data is stored. You can configure mappings by:

  • In Provisioning, go to Attribute mappingProvision Microsoft Entra ID Users.
  • Make sure to enable Users and select Create, Update, and Delete for Target Object Actions.
  • Review and customize attribute mappings as needed.
  • Save any changes

     

In order to add custom attributes, you’ll have to click Show Advanced Options > Edit Attribute list for custommapsso 

From here, please use the following prefix for your custom attributes:

urn:ietf:params:scim:schemas:extension:wisq:1.0:User:$CustomAttribute

For example, to provide the manager email address:

urn:ietf:params:scim:schemas:extension:wisq:1.0:User:managerEmail


4. Assign Users and Groups

  1. Start by selecting 1 or 2 users to test with.  
  2. To provision users:
    • Navigate to Users and Groups under your application.
    • Click + Add user.
    • Select the users you want to provision.
    • Click Assign.
    • Provisioning starts shortly after users are assigned. You can track progress under Provisioning Logs.
  3. After users are tested and Wisq has confirmed that all attributes are being received properly, then more users can be provisioned.  Ensure you discuss with your project lead who should get access to Wisq and when users should gain access.