Directory sync
Cory Brown avatar
Written by Cory Brown
Updated over a week ago

Plan availability: βœ“ Enterprise

Scaling and managing your organization involves many moving parts, and Directory Sync in Simplesat can be a significant cog in that machine.

This feature allows for a smooth synchronization between your organization's Identity Provider (IdP) and Simplesat, automating user management and ensuring everyone is where they should be. With support for popular IdPs like Azure AD, Google Workspace, Otka, and compatibility with SCIM or SFTP protocols, we aim to offer you flexibility and efficiency.

Setting up Directory Sync

  1. Log into your account and head to the Authentication security page in the Admin settings.

  2. Click the Configure directory sync button. A new tab will open, prompting you to select your identity provider or opt for custom SCIM or SFTP configurations.

  3. Complete the setup by following the provided documentation. Once done, our system will test the connectivity to confirm if everything is set up correctly.

  4. Should the test return an error, take a short break and try again - changes may take several minutes to fully propagate. Persistent errors can be resolved by contacting Simplesat or your IdP's support.

  5. Return to your Simplesat dashboard and refresh the page. You should now see new configuration options.

Group mapping

  1. User groups to roles: Configure the group mapping to assign Simplesat roles to your users based on their group memberships.

  2. Permission levels: In the event a user belongs to multiple groups, they will be assigned to the group with the highest permission level.

  3. Save and sync: After setting up the mapping, scroll down and click Save and sync mapping. This action will synchronize the user information based on your configurations.

Fetching Groups During Sync

  • Initial sync: The first synchronization may take up to 15 minutes.

  • Loading state: During this process, you'll see a loading message:

  • Subsequent syncs: After the first sync, the system will automatically run approximately every hour to update any changes.

User Removal or 'Do Not Sync' Actions

Decide the course of action for users who are either removed from all groups or mapped to a 'Do Not Sync' role. You have three options:

  1. Delete the user: Removes the user from Simplesat.

  2. Downgrade to collaborator: The user will be shifted to the Collaborator role.

  3. Maintain status quo: The user's role and access remain unchanged.

Disabling or Removing the Feature

If you wish to change your IdP or unlink the feature, you can reset the connection by clicking the Edit directory sync configuration button and then Reset Directory.

To unsubscribe, please contact Simplesat support and we'll handle the rest for you.

Did this answer your question?