Microsoft 365 SCIM Integration

Step 1: Create an API Key for SCIM in Blacksmith

1. Log Into Blacksmith InfoSec
   • Browse to https://web.blacksmithinfosec.com/dashboard/company/security
2. Add a new API Key
   • Click +New Key
   • Enter “SCIM Provisioning” in the Purpose
   • Click Save

3. Copy the Client Key

Step 2: Register Your SCIM Application in Azure AD

1. Log into Azure Portal:
   • Navigate to Azure Active Directory.
2. Create a New Enterprise Application:
   • Go to Applications > Enterprise applications > New application.

2. • Select Create your own application.

2. • Enter a name for your SCIM application and select Integrate any other application you don’t find in the gallery.

2. • Click Create at the bottom of the screen

3. Provisioning Configuration:
   • Once the application is created, go to Provisioning.

3. • Set Provisioning mode to Automatic.

3. • Enter https://api.blacksmithinfosec.com/scim/v2 for the Tenant URL.
   • Paste your key copied from Step 1

4. Test Connection
   • Click on Test Connection to ensure Azure AD can communicate with your SCIM endpoint. This will validate the URL and credentials.
   • Once the test results are successful click Save

5. Configure Alerts and Accidental Deletion:
   • Expand Settings
   • Check the box for Send an email notification when a failure occurs.
   • Enter an email address for where alerts should be sent to for example admin@companyx.com.
   • Check the box for Prevent Accidental deletion.
   • Set the threshold for accidental deletion, our recommendation is 10.

5. • Click Save

6. Assign Users or Groups
   • Click Users and groups
   • Select Add user/group

6. • Select None Selected

6. • Assign the Users or Groups you want synced to Blacksmith InfoSec.
   • Click Assign
7. Start Provisioning
   • Click on Overview
   • Click on Start provisioning

7. • Click Refresh to make sure the initial cycle completed.