Azure AD Integration

Overview

Sign In App's integration with Azure AD allows you to keep your organisation's users in synchronisation. Changes made to users in your directory will be automatically pulled across periodically. This means Sign In App will always be up to date with the latest changes in your company.

Requirements

  • Microsoft Account
  • Azure AD Tenant
  • A user with Azure AD admin access

Getting Started

The integration with Azure AD is added at the point of creating a new repeat visitor group inside the portal. When selecting to add a new group, an option is provided to integrate with Azure AD. Once clicked, you'll be taken to Microsoft to log in and agree to the required permissions to allow access.

To do this, go to Add Group in the portal.

Permissions

The required permissions are:

  • Read access to users (user.read.all)
  • Read access to groups (group.read.all)

The application only reads data from the directory and does not need write access. The user access allows the application to pull down users and their profile data to be populated. The group access allows the application to search for certain groups and set up synchronisation of only a subset of the users in the Azure AD directory, taken from the configured group. Untick Include photos to exclude photos from the sync process. For synced groups with photos turned off, a placeholder icon will appear instead.

Azure AD group sync photo options
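
To check that the consent actually recorded in your tenant matches the two read-only permissions listed above, the following added example (not Sign In App's own code) audits an export of Microsoft Graph oauth2PermissionGrant objects. It assumes the permissions were granted as delegated scopes, which this page does not state; the sample export and all IDs in it are constructed placeholders.

```python
import json

# Scopes this page lists as required, both read-only.
DOCUMENTED = {"user.read.all", "group.read.all"}

# Constructed sample shaped like Microsoft Graph oauth2PermissionGrant objects
# (GET /v1.0/oauth2PermissionGrants). All IDs are placeholders.
SAMPLE_EXPORT = json.loads("""
{"value": [
  {"clientId": "sp-signin-placeholder", "consentType": "AllPrincipals",
   "resourceId": "sp-graph-placeholder", "scope": "User.Read.All Group.Read.All"},
  {"clientId": "sp-signin-placeholder", "consentType": "Principal",
   "principalId": "user-placeholder",
   "resourceId": "sp-graph-placeholder", "scope": " Group.ReadWrite.All"},
  {"clientId": "sp-other-placeholder", "consentType": "AllPrincipals",
   "resourceId": "sp-graph-placeholder", "scope": "Mail.Send"}
]}
""")


def audit_grants(export, client_id):
    """Compare the scopes granted to one service principal with DOCUMENTED."""
    granted = {}  # scope (lowercased) -> consent types it was granted under
    for grant in export.get("value", []):
        if grant.get("clientId") != client_id:
            continue
        # 'scope' is a space-separated string and may carry a leading space.
        for scope in (grant.get("scope") or "").split():
            granted.setdefault(scope.lower(), set()).add(grant.get("consentType"))
    extra = sorted(set(granted) - DOCUMENTED)
    return {
        "missing": sorted(DOCUMENTED - set(granted)),
        "unexpected": extra,
        # Any scope containing 'write' contradicts the read-only claim above.
        "write_scopes": [s for s in extra if "write" in s],
        # Scopes consented only by individual users, never tenant-wide by an admin.
        "per_user_only": sorted(s for s, c in granted.items() if c == {"Principal"}),
    }


if __name__ == "__main__":
    print(json.dumps(audit_grants(SAMPLE_EXPORT, "sp-signin-placeholder"), indent=2))
```

Replace the placeholder client ID with the object ID of the integration's service principal in your tenant; a non-empty `unexpected` or `write_scopes` list is worth reviewing before the next sync.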

Data Recorded

The application pulls down only as much information as is needed. This includes:

  • Unique Identifier
  • Display Name
  • Job Title
  • Email
  • Mobile

Sync information

Once you've synced your Sign In App group with Azure AD, you can view some of the key information, such as the last sync date/time and any filters that have been applied. You can see this from the online management portal by going to Manage > Groups > Select group > Members. The sync information is displayed directly above the group member list.

Additional information about the Azure AD synced group

Tip

Sometimes the sync between Sign In App and Azure AD can break. If this does happen, all technical contacts will be notified by email. The email includes a link to the group in the Sign In App portal; from there you can fix the broken group.

You can manage your technical contacts by going to Manage, scrolling down to the bottom and clicking Portal users, then edit the user and tick Technical contact.

Privacy

Sign In App's privacy policy applies to the data synchronised from the Azure AD directory. https://www.signinapp.com/privacy-policy

© 2024 Sign In App Ltd