Skip to main content

HelloID

Azure AD sync

2022-10-07_9-53-48.jpg

You can sync users and groups into HelloID from an Azure Active Directory (Azure AD) tenant, by configuring HelloID to act as a target system for the Azure AD provisioning service.

To get started, Enable Azure AD sync.

Tip

If you want synced Azure AD users to be able to log in to HelloID using their Azure AD credentials, you must separately create an Azure AD OIDC IdP.

Mappings (Azure AD sync)

Mappings for Azure AD sync do not use Mapping sets. Instead, they are customized in the Azure AD attribute mapping settings. The following attributes are supported:

  • All default OIDC attributes.

  • The Azure AD employeeID (synchronized into Custom user attributes)

  • The Azure AD manager (sets the HelloID user's Manager field to the relevant HelloID user)

Other custom attributes are not supported.

Sync schedule (Azure AD sync)

The sync schedule is determined by the Azure AD provisioning interval.

Group sync (Azure AD sync)

The free Azure AD license does not sync groups to HelloID. For group synchronization, your Azure AD license must be P2 or higher.

Azure AD sync settings reference
URL

The tenant URL expected by HelloID's T2 API. Automatically generated when you click New Secret.

Secret

The secret token to connect to HelloID's T2 API. Automatically generated when you click New Secret.