Skip to main content
All CollectionsUser Management and Admin
How to integrate with Entra ID using SCIM integration
How to integrate with Entra ID using SCIM integration

In this article you learn how to set up the SCIM integration between SourceMagnet and Entra ID to sync roles

Fredrik Muri Slettestøl avatar
Written by Fredrik Muri Slettestøl
Updated over 3 weeks ago

SourceMagnet can be integrated with Entra ID using a SCIM integration. By integrating with Entra ID, you will have full control over which users can log into SourceMagnet, and permissions will automatically be withdrawn when people quit or change positions.

How to enable SCIM

1. Get provisioning secret from SourceMagnet

Click on your company name and select Access Management, select the Entra ID tab in SourceMagnet as an Admin or Owner, and get the provisioning secret.

2. Create an Enterprise application in Azure

Go to Enterprise Applications in Azure and create a Non-gallery application for provisioning.


In the new enterprise application, go to provisioning and

4. Configure "Provision Microsoft Entra ID Users"

In attribute mappings for "Provision Microsoft Entra ID Users" validate or map the following properties:

  • userName

  • active (has no practical implications in SourceMagnet atm., but is required by Microsoft)

  • title

  • name.givenName

  • name.familyName

  • delete other mappings that are not listed above

Save changes

5. Configure "Provision Microsoft Entra ID Groups"

Turn on "Target Object Actions" for "Create", "Update", and "Delete".

In attribute mappings for "Provision Microsoft Entra ID Groups" validate or map the following properties:

  • displayName = displayName

  • externalId = objectId

  • members = members

Save changes

6. Create groups

The roles for å user will be defined based on the user's group membership in Entra ID.
Create the following groups with the exact Group names as below:

  • "SourceMagnetAdmin"

  • "SourceMagnetContractCreator"

  • "SourceMagnetContractViewer"

  • "SourceMagnetSourcingCreator"

  • "SourceMagnetSourcingViewer"

  • "SourceMagnetProjectCreator"

  • "SourceMagnetProjectViewer"

Assing group membership to users to give them the correct role in SourceMagnet.

A user that needs multiple roles must be assigned to multiple groups in Entra.

7. Give access to users/groups

In Azure, open Enterprise Application and select SourceMagnet app.

Go to "Users and groups"

Click "+ Add user/Group"

Add the groups or users that you want to give access to and select among the available roles.

💡 To give a user multiple roles in SourceMagnet, the user must be assigned to multiple groups. One group will give the user a "Sourcing creator" role, and one group will provide the user a "Contract creator" role.

8. Start provisioning

Start the provisioning

💡 You might have to add sourcemagnet.com to trusted domains.

Did this answer your question?