Microsoft Azure Integration
Customers on the Enterprise plan can integrate Testfully with Microsoft Azure Entra ID to enable Single Sign-On (SSO) for their organization. This guide will walk you through the steps to set up the integration.
Prerequisites
Before you begin, you need to have the following:
- A Testfully account on the Enterprise plan
- An Azure account with an active subscription to Azure Entra ID
- An Azure Active Directory (Azure AD) tenant
- An Azure account with the necessary permissions to create or install applications in Azure AD
Azure Entra ID Settings
The following settings are required to complete the integration. Microsoft Azure Entra ID provides far more options than what is required for the integration. This guide focuses on the settings that are necessary for the integration with Testfully. For more information on Azure Entra ID settings, please refer to the official Azure documentation. For other settings, please adjust based on the requirements of your organization.
Step 1: Create an Enterprise Application in Azure Entra ID
To start the integration, you need to create an Enterprise application in Azure Entra ID. Follow the steps below to create the application:
- Sign in to the Azure Portal, and navigate to the Azure Entra ID service.
- Click on the Enterprise applications tab in the left sidebar.
- Click on the New application button, then click on Create your own application to create a new application.
- Provide a name for the application (e.g., Testfully)
- Select Register an application to integrate with Microsoft Entra ID (App you're developing) as the application type. Please note that you will need this option to enable SSO for your enterprise application.
- From the Supported account types section, select the appropriate option based on your organization's requirements. This won't impact the SSO integration with Testfully.
- From the Redirect URI (optional) section, select Single-page Application (SPA) as the application type, and provide
https://app.testfully.io/sso/azure/callbackas the Redirect URI. Please note that this is the default redirect URI for Testfully's SSO integration with Azure Entra ID. - Click on the Register button to create the application.
- Congratulations! You have successfully created an Enterprise application in Azure Entra ID, and configured the necessary settings for SSO integration with Testfully.
Step 2: Collect Application Details
There are two IDs you need to collect from the application you created in Azure Entra ID and pass them to Testfully for the integration:
- In the Azure Portal, navigate to the Single sign-on tab of the application you created.
- From the Configure application properties section, click on the Go to application button to configure the application properties.
- From the Essentials section, copy the Application (client) ID and Directory (tenant) ID values.
- Provide these values to Testfully via
support@testfully.io. Our team will use these values to complete the integration on our end.
Step 3: SCIM Provisioning (Optional)
To automate user provisioning and deprovisioning in Testfully, you can enable SCIM provisioning for your organization using an Enterprise Application in Azure Entra ID. SCIM (System for Cross-domain Identity Management) is a standard protocol for automating the exchange of user identity information between identity providers and service providers.
- Sign in to the Azure Portal, and navigate to the Azure Entra ID service.
- Click on the Enterprise applications tab in the left sidebar.
- Click on the New application button, then click on Create your own application to create a new application.
- Provide a name for the application (e.g., Testfully SCIM)
- Select Integrate any other application you don't find in the gallery (Non-gallery) as the application type. Please note that you will need this option to enable SCIM provisioning for Testfully.
- Click on the Create button to create the application.
- From the left sidebar, click on the Provisioning tab.
- Click on the New configuration button to configure the provisioning settings.
- In the Tenant URL field, provide the dedicated SCIM endpoint provided by Testfully.
- In the Secret Token field, provide the secret token provided by Testfully.
- Click on the Test connection button to verify the connection. Once the connection is successful, click on the Create button to save the configuration.
- From the Manage section of the left sidebar, Click on Provisioning link.
- Open the Mappings section and click on the Provision Microsoft Entra ID Groups link. In the Enabled field, select No to disable group provisioning, as Testfully does not support group provisioning at the moment. Then, click on the Save button to save the changes.
- Go back to the previous screen and click on the Provision Microsoft Entra ID Users link. Please ensure that the Enabled field is set to Yes to enable user provisioning. Then, delete all the attribute mappings except for the following attributes:
| Mapping Type | Expression | Source Attribute | Target Attribute | Match objects using this attribute | Matching precedence | Apply this mapping |
|---|---|---|---|---|---|---|
| Direct | N/A | userPrincipalName | userName | Yes | 1 | Always |
| Direct | N/A | displayName | displayName | No | N/A | Always |
| Direct | N/A | emails[type eq "work"].value | No | N/A | Always | |
| Direct | N/A | givenName | name.givenName | No | N/A | Always |
| Direct | N/A | surname | name.familyName | No | N/A | Always |
| Expression | Switch([IsSoftDeleted], , "False", "True", "True", "False") | N/A | active | No | N/A | Always |
- From the Target Object Actions section, select Create, Update and Delete. Then, click on the Save button to save the changes.
- Go back to the previous screen, make sure that the Provisioning Status is set to On, and click on the Save button to enable SCIM provisioning for Testfully.