Azure AD Provisioning with Salesforce. Attribute with the Application Groups that a user belong

%3CLINGO-SUB%20id%3D%22lingo-sub-1603874%22%20slang%3D%22en-US%22%3EAzure%20AD%20Provisioning%20with%20Salesforce.%20Attribute%20with%20the%20Application%20Groups%20that%20a%20user%20belong%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1603874%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20have%20SSO%20between%20Salesforce%20and%20Azure%20AD%20using%20Salesforce%20App%20available%20in%20Azure.%20I'm%20also%20using%20provisioning%20to%20create%20the%20users%20in%20Salesforce.%20Everything%20works%20fine%2C%20but%20I%20need%20another%20field%20to%20pass%20to%20Salesforce%3A%20The%20Application%20Groups%20that%20the%20user%20belongs.%20It%20is%20possible%20to%20add%20a%20field%20to%20the%20User%20in%20Azure%20AD%20with%20this%20information%20and%20mapping%20it%20in%20Provisioning%20-%26gt%3B%20Attribute%20Mapping%20%3F%20Let's%20say%20something%20similar%20with%26nbsp%3BSingleAppRoleAssignment(%5BappRoleAssignments%5D)%2C%20but%20with%20all%20the%20groups%20that%20the%20user%20belong%20regarding%20only%20this%20particular%20Application.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EFor%20user%20provisioning%20I%20have%20created%20several%20groups%20in%20the%20app.%20For%20each%20group%20I%20assign%20a%20role(profile%20in%20Salesforce).%20Then%20I%20assign%20users%20to%20the%20specific%20groups.%20The%20provisioning%20start%20and%20I%20also%20want%20to%20send%20the%20group(s)%20that%20the%20user%20is%20member.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Occasional Visitor

Hi,

 

I have SSO between Salesforce and Azure AD using Salesforce App available in Azure. I'm also using provisioning to create the users in Salesforce. Everything works fine, but I need another field to pass to Salesforce: The Application Groups that the user belongs. It is possible to add a field to the User in Azure AD with this information and mapping it in Provisioning -> Attribute Mapping ? Let's say something similar with SingleAppRoleAssignment([appRoleAssignments]), but with all the groups that the user belong regarding only this particular Application.

 

For user provisioning I have created several groups in the app. For each group I assign a role(profile in Salesforce). Then I assign users to the specific groups. The provisioning start and I also want to send the group(s) that the user is member.

0 Replies