Mapping SCIM attributes to user fields
In Alvao, the following user attributes are synchronized via the SCIM protocol:
User attribute in Alvao |
Column in DB (see tPerson) |
Attribute in SCIM |
- |
AzureAdObjectId |
externalId |
Account is blocked |
bPersonAccountDisabled |
active (negated value) |
- |
sAdDisplayName |
displayName |
- |
sFirstName |
name.givenName |
- |
sLastName |
name.familyName |
First and last name |
sPerson |
name.formatted |
Functions |
sPersonWorkPosition |
title |
E-mail |
sPersonEmail |
emails[type eq "work"].value |
Mobile |
sPersonMobile |
phoneNumbers[type eq "mobile"].value |
Phone for work |
sPersonPhone |
phoneNumbers[type eq "work"].value |
username |
sPersonLogin |
userName |
- |
iPersonLocaleId |
locale |
Preferred language |
sPersonPrefferedLanguage |
preferredLanguage |
Time zone |
TimeZone |
timeZone |
Other contacts |
mPersonContact |
addresses[type eq "work"].formatted |
City |
sPersonCity |
addresses[type eq "work"].locality |
Land |
sPersonCountry |
addresses[type eq "work"].region |
Personal Number |
sPersonPersonalNumber |
urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:employeeNumber |
Division |
sPersonDepartment |
urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:department |
Organization |
liAccountId |
urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:organization |
Subordinate |
iPersonManagerPersonId |
urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:manager |
Other (custom fields) |
tPersonCust.* |
urn:ietf:params:scim:schemas:extension:alvao_tPersonCust:2.0:User:* |
Ignored attributes in SCIM:
- ims (Instant messangings)
- nickname
- addresses (other than "work")
- addresses[type eq "work"].postalCode, addresses[type eq "work"].steetAddress
- emails (other than "work")
- urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:costCenter
- urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:division
- custom attribute extensions not related to Alvao (alvao_tPersonCust, alvao_tblProperty)
Mapping attributes in AAD to custom user fields
If you want to import attributes from AAD into custom user fields, do the following:
- In AAD, navigate to the mapping settings (Provisioning - Edit provisioning - Mappings - Provision Azure Active Directory Users).
- View advanced options and navigate to Edit attribute list for customappsso
- For each custom user field, create a new attribute with a name of the form
urn:ietf:params:scim:schemas:extension:alvao_tPersonCust:2.0:User:{column name of the custom field in the database}.
Example: to import values into the tPersonCust.IpTelefon custom field, create an attribute named urn:ietf:params:scim:schemas:extension:alvao_tPersonCust:2.0:User:IpTelefon
- Save your changes and go back to the list of mapped attributes.
- Use the Add New Mapping command to create a mapping between the new attributes in SCIM and the fields from AAD (the mapping specifies what and how the attributes will be populated).
- All existing users are updated during the next setup cycle.
For more information on mapping individual attributes, see Tutorial - Customize Azure Active Directory attribute mappings in Application Provisioning | Microsoft Docs.
Did not find what you were looking for? Ask our technical support team.