Note: This guide provides a general idea of what the SSO connection process involves, but should not be used as a step-by-step guide for configuring your SSO. To set up SSO with Spekit, you'll need to go to the 'Connect' page within your Spekit Web App.
1) Create Entra ID (Azure) SCIM Application
From your Enterprise Application dashboard, select "New Application"
Select "Create your own application" and continue.
Give your application a descriptive name such as Spekit SCIM, and select the "Integrate any other application you don't find in the gallery (Non-gallery)" option, then click "Create".
2) Configure the Entra ID (Azure) SCIM Admin Credentials
Select "Provisioning" from the "Manage" section found in the navigation menu of the SCIM application.
Click the "Get Started" button.
Select the "Automatic" Provisioning Mode from the dropdown menu and then copy/paste the URL and token from your Spekit walkthrough into the correct boxes. Click "Test Connection" to confirm that your Tenant URL and Token are correct. Once confirmed click "Save".
3) Set up and enable attribute mapping
Expand the "Mappings" section.
Make sure the group and user attribute mappings are enabled and are mapping the correct fields.
In the directory user mapping section make sure that you are mapping "objectId" to "externalId" within the Attribute Mapping section. It will not be mapped correctly by default so you must change this.
4) Assign Users to Spekit SCIM
In order for your users and groups to be added to Spekit you will need to assign them to your Spekit SCIM Application. Select "Users and groups" from the "Manage" section of the navigation menu.
Select "Add user/group" from the top menu.
Select "None selected" under the "Users and Groups". In the menu, select the users and groups that you want to add to the SCIM application, and click "Select".
Confirm the "Provisioning Status" is set to "On" and that the "Scope" is set to "Sync only assigned users and groups".