Azure AD Synchronization

Compliantly allows importing recipients from Azure AD and provides a possibility to automatically synchronize a recipient group with your Active Directory.
Active Directory settings can be found under Settings > Azure AD Settings.

Please refer to this wiki article to establish the connection to Azure AD:

Configuration of OAuth 2.0 for Microsoft Azure

Make sure to configure an additional URI for import feature in the Azure application settings:

https://<compliantly domain>:<port>/oauth

<compliantly_domain> – your Compliantly's system domain, for example

<port> – custom port (in case one's configured), for example 8443.

If the default port is being used, there's no need to specify it in the URI.

As soon as the connection has been configured to Azure AD, you may be able to import recipients and users directly from your directory service.

Azure AD Update Preferences

This menu allows configuring automatic synchronization of Azure AD recipients and users that were imported into Compliantly. Automatic synchronization happens every 10 minutes.

Azure AD update preferences contain 2 options for automatic action.
It is possible to configure Compliantly to add users and recipients automatically or to wait for the Administrator's decision.

In case if you select “Waiting for administrator's decision”, an Administrator will have to go to a control list and decide whether it is necessary to deleteadd a recipientuser or not.

In Azure AD update preferences it can be determined the behavior for deleted recipients:

  • Automatically Delete Inactive
  • Never Delete Recipients
  • Waiting for Administrator's decision

It is also possible to customize the pattern of automatic import of users from AD.
Compliantly will scan Azure AD and automatically bind a role to an imported user according to the set filters.

Importing recipients in a group for a campaign

When you create a new recipient group you will be able to use the previously configured Azure AD connection to query and import all the users/groups:

Compliantly will automatically match the user's attributes in the active directory with the available recipient attributes in Compliantly.

If “Update existing recipients” option is enabled, recipient attributes will update during Azure AD import if these recipients have been imported before.

Automatically Update Azure AD Recipients

It is possible to configure Compliantly to auto-update the recipient list from Active Directory.

You may use regular Active Directory search filters, for example:

Filter value to get all users with a department 'QA'

department eq 'QA'

See Microsoft Documentation for more info.

Importing Users from Azure AD

If you want to import users who can access Compliantly using their AD account, you can go into the user settings menu (Settings > Administrative Users) and choose (Import > Azure AD):

The same user import menu can also be accessed via (Settings > Azure AD Settings > Import Users From Azure AD).

Which AD fields can be used?

Compliantly will automatically match the user's attributes in the Azure active directory with the available recipient attributes in Compliantly. The default mapping between Compliantly and Azure is presented below:

Compliantly Azure Description Applying For
E-mail mail Recipient's e-mail address User & Recipient Import
Phone mobilePhone Recipient's phone number User & Recipient Import
Full Name displayName Recipient's full name User & Recipient Import
Staff Type jobTitle Recipient's staff status Recipient Import
Location officeLocation Recipient's location Recipient Import
Division department Recipient's working department Recipient Import
Language preferredLanguage Recipient's language Recipient Import
Lastname surname Recipient's second name Recipient Import
Firstname givenName Recipient's first name Recipient Import