Azure Entra ID Directory Integration

Written by Jericho Security Contributor | October 8, 2024

Directory Integration with Azure Entra ID User Provisioning via SCIM 2.0

The following steps configure your Azure Entra ID (formerly Active Directory) to send user information to Jericho Security so we can populate users and groups for the Phishing Simulator and Training Center.

  • Click "View" on "Manage Azure Entra ID", or navigate to "Azure Entra ID" another way

  • Click "Enterprise applications"

  • Click “New Application”

  • Click “Create your own application”

  • Name the application, e.g. “Jericho Security SCIM”

  • Click “Create” at the bottom

  • Click “Get Started” on “Provision User Accounts”

  • Click “Get Started” again

  • Toggle “Provisioning Mode” to “Automatic”

  • For “Tenant URL” enter https://app.jerichosecurity.com/scim_v2

  • Your “Secret Token” is the “SCIM API Key” located in your Jericho Security integration settings.

  • After the “Secret Token” is entered, click “Test Connection”

  • Ensure the connection was successful, then click “Save”

  • After a moment, the “Mapping” accordion will become available in the main content area. Expand it

  • Both “Groups” and “Users” should be enabled

  • Select “Users” and map source attribute “mail” to “userPrincipalName”

  • Save the mapping, then save changes to the provisioning, acknowledging that this may require re-syncing users

  • Go back into “Provisioning” by clicking “Get Started” on “Provision User Accounts”

  • Under the “Settings” accordion, make sure “Scope” is set to “Assigned Users and Groups” (unless you wish to send to all mailboxes in your tenant)

  • Assign the users and/or groups that you wish to sync to the application. Note that because of how Microsoft performs the provisioning, if you assign a group, only its direct member users will be provisioned, not users in nested groups.

  • Go back to the Provisioning settings and set the “Provisioning Status” to “On” or click “Start Provisioning”

All done! Microsoft typically starts syncing with Jericho after about 40 minutes, and may take up to 24 hours to complete.
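The nested-group note in the assignment step means some users can silently fall outside the sync and so never receive simulations or training. The following is an added example, not Jericho Security or Microsoft code: it compares direct-membership provisioning against full transitive membership to list the users who would be missed and the nested groups that would need their own assignment. The group names, addresses and the `grp:` prefix are constructed sample data; in practice the membership map would come from a directory export.

```python
# Constructed sample directory: group -> direct members ("grp:" marks a group).
DIRECT_MEMBERS = {
    "grp:All-Staff": ["grp:Engineering", "grp:Finance", "alice@example.com"],
    "grp:Engineering": ["bob@example.com", "grp:Contractors"],
    "grp:Finance": ["carol@example.com"],
    "grp:Contractors": ["dave@example.com", "grp:All-Staff"],  # deliberate cycle
}
# Constructed sample: principals assigned to the enterprise application.
ASSIGNED = ["grp:All-Staff", "erin@example.com"]

def is_group(principal):
    return principal.startswith("grp:")

def provisioned_users(assigned, members):
    """Assigned users plus DIRECT user members of assigned groups (the page's rule)."""
    users = set()
    for p in assigned:
        if is_group(p):
            users.update(m for m in members.get(p, []) if not is_group(m))
        else:
            users.add(p)
    return users

def reachable(assigned, members):
    """Walk nesting to any depth; returns (users, groups). Safe against cycles."""
    users, groups, stack = set(), set(), list(assigned)
    while stack:
        p = stack.pop()
        if not is_group(p):
            users.add(p)
        elif p not in groups:
            groups.add(p)
            stack.extend(members.get(p, []))
    return users, groups

def coverage_gap(assigned, members):
    """Users the admin probably expects to sync but who will not be provisioned."""
    users, _ = reachable(assigned, members)
    return sorted(users - provisioned_users(assigned, members))

def groups_to_assign(assigned, members):
    """Nested groups holding missed users; assigning them directly closes the gap."""
    gap = set(coverage_gap(assigned, members))
    _, groups = reachable(assigned, members)
    return sorted(g for g in groups
                  if g not in assigned and gap.intersection(members.get(g, [])))

if __name__ == "__main__":
    print("Missed users:", coverage_gap(ASSIGNED, DIRECT_MEMBERS))
    print("Assign directly:", groups_to_assign(ASSIGNED, DIRECT_MEMBERS))
```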