Overview
Sign In App's integration with Azure AD allows you keep your organisation's users in synchronisation. Changes made in your directory to users will be automatically pulled across periodically. This means Sign In App will always be update with the latest changes in your company.
Requirements
- Microsoft Account 
- Azure AD Tenant 
- A user with Azure AD admin access 
Getting Started
The integration to Azure AD is added at the point of creating a new repeat visitor group inside the portal. When selecting to add a new group, an option is provided to integrate with Azure AD. Once clicked, you'll be taken to Microsoft to login and agree to the required permissions to allow access.
To do this, go to Add Group in the portal.
Permissions
The required permissions are
- Read access to users - user.read.all
- Read access to groups - group.read.all
The application only reads data from the directory and does not need write access. The user access allows the application to pull down users and their profile data to be populated. The group access allows the application to search for certain groups and setup the synchronisation of only a subset of the users in the Azure AD directory from the configured group. Untick Include photos to exclude photos from the sync process. For synced groups with photos turned off, a placeholder icon will appear instead.
Data Recorded
The application pulls down only as much information as is needed, this includes:
- Unique Identifier 
- Display Name 
- Job Title 
- Email 
- Mobile 
Sync information
Once you've synced your Sign In App group with Azure AD you can view some of the key information such as last sync date/time and any filters that have been applied. You can see this from the online management portal by going to Manage > Groups > Select group > Members, the sync information is displayed directly above the group member list.
Tip: Sometimes the sync between Sign In App and Azure AD can break. If this does happen, all technical contacts will be notified by email. The email includes a link to the group in the Sign In App portal, from there you can fix the broken group.
You can manage your technical contacts by going to Manage, scrolling down to the bottom and clicking Portal users, then edit the user and tick Technical contact.
Privacy
Sign In App's privacy policy applies to the data synchronised from the Azure AD directory. https://www.signinapp.com/privacy-policy


