SCIM Provisioning allows for the management of all users to your EnergySys instances to be controlled within your Organisations Entra ID. The steps below cover the setup of the required relationship between EnergySys and your Entra ID.
Before any of the steps below are performed please supply to support@energysys.com your Entra ID tenant ID.
Step 1: Add the 'Foundation Cloud For Energy' Application as an Enterprise Application
Initial step in creating the Enterprise Application on your Entra ID required to configure SCIM authentication.
Step 2: Assign the Tenant Administrator role in Entra Admin Application
Access to the EnergySys Tenant Admin App requires the user to have the Tenant Administrator role within the created Enterprise Application.
Step 3: Generate Credentials for SCIM Provisioning
To use SCIM provisioning Entra ID must be configured with credentials. This allows Microsoft to use our APIs when users and added, updated, or deleted to keep access synchronised.
Step 4: Configuring SCIM Provisioning Within Entra Admin Application
This step involves setting the credentials generated in Step 3 for communication between Entra and Foundation.
Once SCIM provisions has been setup internal users can be added to the Enterprise Application. The users will then be created/updated within EnergySys and available for role assignment the next time the Entra ID synchronisation is performed. Synchronisation can be actioned immediately by following the Provisioning on Demand guide below.
Step 5: Add Guest Users to your Entra Application
External guest users can be provisioned to have access to your EnergySys instances. If you use an implementation partner they too will need to be guests within your Enterprise Application, or they can be created as a standard internal user if preferred.
Step 6: Optional- Provisioning On Demand
Entra synchronisation is performed periodically. Provisioning on-demand allows for users, added to the Enterprise Application, to be immediately synchronised.
https://support.energysys.com/en/support/solutions/articles/35000262611-provisioning-on-demand
Step 7: Okta Clean Up
When all users have been added to the Enterprise Application and testing is complete please advise the EnergySys support team so that they may remove the option for Okta authentication.