Identity Connector for Azure Active Directory

Alicia Allen Updated by Alicia Allen

Overview

With Brivo's Identity Connector, customers can provision their Azure AD users and groups to Brivo Access, allowing them to manage onboarding and offboarding users in a single application.

Supported Provisioning Features

  • Push New Users: New users created through Azure will also be created in Brivo Access. 
  • Push User Deactivation: Deactivating the user or disabling the user’s access to the application through Azure will deactivate the user in Brivo Access. 
  • Push Profile Updates: Updates made to the user’s profile through Azure will be pushed to Brivo Access. 
  • Push Groups: Groups and their members can be pushed to Brivo Access from Azure. 
  • Reactivate Users: User accounts can be reactivated in the application. 
  • Mapping Custom Attributes: Custom Attributes in Azure can be mapped to Custom Fields created in Brivo Access.
  • Push Brivo Mobile Pass Credential: BMP credentials can be issued via Azure provisioning to the user in Brivo Access.
  • Push Brivo Wallet Pass Credential: Brivo Wallet Pass credentials can be issued via Azure provisioning to the user in Brivo Access.

Supported User Fields

  • IsSoftDeleted
  • facsimileTelephoneNumber 
  • displayName
  • mobile 
  • userPrincipalName
  • telephoneNumber 
  • preferredLanguage
  • jobTitle 
  • givenName
  • surname 

Supported Group Fields

  • displayName
  • members

Restrictions

  • The Brivo Azure integration does not support administrator provisioning.
  • The Brivo Azure integration does not support credential provisioning.
  • Password Synchronization is not supported. Brivo administrator passwords are maintained in Brivo; they are not copied from Azure. 
  • Nested groups are not supported, the user must be a direct member of a group assigned to the application. 
  • SSO is not included with this subscription and must be purchased as a separate subscription. 
  • The Brivo Azure integration does not support Azure GCC High and DoD.
  • Brivo is unable to provision groups with more than 10,000 users.

Integrating into an existing Brivo Access account

If Azure will manage existing Brivo Access users, you must enter the Azure Object IDs into Brivo Access prior to the integration to prevent the creation of duplicate Brivo Access users. Please contact Brivo Professional Services (pro.services@brivo.com) prior to proceeding.

NOTE: Any Azure users with “block sign in” set to “yes” will have their Brivo Access accounts set to suspended. Their credentials will not unlock doors.

How did we do?

Configure Identity Connector for Azure Active Directory

BMP Provisioning with Identity Connector for Azure Active Directory

Contact