Updated on September 6, 2023

Docy

Configure Azure SCIM Integration to Onboard Users to Netskope

Configure Azure SCIM Integration to Onboard Users to Netskope

  1. Log in to Azure AD console.
    image7.png
  2. Go to Azure Active Directory > Enterprise Applications. Click New Application.
    image8.png
  3. Search for netskope and select Netskope User Authentication from the list.
    image9.png
  4. Enter a Name: Netskope SCIM and click Add.
    image10.png

    A message will be displayed that the application was added successfully.

    image11.png
  5. Click Provision User Accounts.
    image12.png
  6. Click Get Started.
    image13.png
  7. Select Provisioning Mode as Automatic.

    Enter Netskope Tenant SCIM Server URL details.

    Enter Netskope OAUTH Token for SCIM Client details.

    Click Test Connection.

    Note: You need to test the connection successfully before you save the configuration; otherwise, you will get an error during save

    image14.png
    image15.png
    image16.png

    You can check In the Netskope tenant where the Last Used Time gets updated.

    image17.png
  8. Click Save.
    image18.png
    image19.png
    image20.png
  9. Next set Provisioning Status to ON.

    Click Save.

    image21.png
    image22.png
    image23.png

    Note

    The Default SCIM Mappings and Provisioning Scopes are listed under Mappings; refresh the page to view it. The mappings attributes are fixed and should not be changed. You can click on the mappings to view details.

    image24.png
  10. Add Azure users and groups to sync to the Netskope tenant.

    Select Users and Groups and select Add user.

    image25.png
  11. Select Users and Groups and then select the users and groups from the list.

    Click Select.

    image26.png
    image27.png
    image28.png
  12. The selected user and group will be listed as shown.
    image29.png
  13. Go back to the Provisioning section.

    Important

    Azure SCIM Provisioning interval is 40 minutes.

    Initial Sync

    image30.png

    After 40 minutes

    image31.png
  14. Click View Audit Logs to view synchronization events, which can be used for troubleshooting issues.
    image32.png
  15. Check Azure users in the Netskope UI under Settings > Security Cloud Platform > Users.
    image33.png
  16. Check Azure groups in the Netskope UI under Settings > Security Cloud Platform > Groups.
    image34.png
    image35.png

    Azure SCIM can sync:

    1. Users
    2. Groups which also includes Users within the groups (nested groups not supported by Azure SCIM).
  17. The Azure Users & Groups will also be available for selection in Real-time Protection Policies.
    image36.png

The SCIM configuration is completed

Share this Doc
In this topic ...