You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/active-directory/saas-apps/apple-business-manager-provisioning-tutorial.md
+10-5Lines changed: 10 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -29,6 +29,7 @@ This tutorial describes the steps you need to perform in both Apple Business Man
29
29
> * Create users in Apple Business Manager
30
30
> * Remove users in Apple Business Manager when they do not require access anymore
31
31
> * Keep user attributes synchronized between Azure AD and Apple Business Manager
32
+
> *[Single sign-on](../manage-apps/add-application-portal-setup-oidc-sso.md) to Apple Business Manager (recommended).
32
33
33
34
## Prerequisites
34
35
@@ -52,17 +53,21 @@ The scenario outlined in this tutorial assumes that you already have the followi
52
53
2. Click Settings at the bottom of the sidebar click Data Source below Organization Settings, then click Connect to Data Source.
53
54
3. Click Connect next to SCIM, carefully read the warning, click Copy, then click Close.
54
55
[The Connect to SCIM window, which provides a token and a Copy button under it.]
55
-
Leave this window open to copy the Tenant URL from Apple Business Manager to Azure AD, which is: 'https://federation.apple.com/feeds/business/scim'
56
+
Leave this window open to copy the Tenant URL from Apple Business Manager to Azure AD, which is: `https://federation.apple.com/feeds/business/scim`
56
57
57
-
58
+
58
59
59
-
> [!NOTE]
60
-
> The secret token shouldn’t be shared with anyone other than the Azure AD administrator.
60
+
> [!NOTE]
61
+
> The secret token shouldn’t be shared with anyone other than the Azure AD administrator.
61
62
62
63
## Step 3. Add Apple Business Manager from the Azure AD application gallery
63
64
64
-
Add Apple Business Manager from the Azure AD application gallery to start managing provisioning to Apple Business Manager. If you have previously setup Apple Business Manager for SSO, you can use the same application. However it is recommended that you create a separate app when testing out the integration initially. Learn more about adding an application from the gallery [here](../manage-apps/add-application-portal.md).
65
+
* Add Apple Business Manager from the Azure AD application gallery to start managing provisioning to Apple Business Manager. If you have previously setup Apple Business Manager for SSO, you can use the same application. However it is recommended that you create a separate app when testing out the integration initially.
66
+
67
+
* To add the Apple Business Manager Azure AD app with Microsoft tenants, the administrator of the tenants must go through the federated authentication setup process, including testing authentication. When authentication has succeeded, the Apple Business Manager Azure AD app is populated in the tenant and the administrator can federate domains and configure Apple Business Manager to use SCIM (System for Cross-domain Identity Management) for directory sync.
65
68
69
+
[Use federated authentication with MS Azure AD in Apple Business Manager](https://support.apple.com/en-ke/guide/apple-business-manager/axmb02f73f18/web)
70
+
66
71
## Step 4. Define who will be in scope for provisioning
67
72
68
73
The Azure AD provisioning service allows you to scope who will be provisioned based on assignment to the application and or based on attributes of the user / group. If you choose to scope who will be provisioned to your app based on assignment, you can use the following [steps](../manage-apps/assign-user-or-group-access-portal.md) to assign users and groups to the application. If you choose to scope who will be provisioned based solely on attributes of the user or group, you can use a scoping filter as described [here](../app-provisioning/define-conditional-rules-for-provisioning-user-accounts.md).
Copy file name to clipboardExpand all lines: articles/active-directory/saas-apps/apple-school-manager-provisioning-tutorial.md
+10-5Lines changed: 10 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -29,6 +29,7 @@ This tutorial describes the steps you need to perform in both Apple School Manag
29
29
> * Create users in Apple School Manager
30
30
> * Remove users in Apple School Manager when they do not require access anymore
31
31
> * Keep specific user attributes synchronized between Azure AD and Apple School Manager
32
+
> *[Single sign-on](../manage-apps/add-application-portal-setup-oidc-sso.md) to Apple School Manager (recommended).
32
33
33
34
## Prerequisites
34
35
@@ -52,17 +53,21 @@ The scenario outlined in this tutorial assumes that you already have the followi
52
53
2. Click Settings at the bottom of the sidebar click Data Source below Organization Settings, then click Connect to Data Source.
53
54
3. Click Connect next to SCIM, carefully read the warning, click Copy, then click Close.
54
55
[The Connect to SCIM window, which provides a token and a Copy button under it.]
55
-
Leave this window open to copy the Tenant URL from Apple Business Manager to Azure AD, which is: 'https://federation.apple.com/feeds/school/scim'
56
+
Leave this window open to copy the Tenant URL from Apple School Manager to Azure AD, which is: 'https://federation.apple.com/feeds/school/scim'
56
57
57
-
58
+
58
59
59
-
> [!NOTE]
60
-
> The secret token shouldn’t be shared with anyone other than the Azure AD administrator.
60
+
> [!NOTE]
61
+
> The secret token shouldn’t be shared with anyone other than the Azure AD administrator.
61
62
62
63
## Step 3. Add Apple School Manager from the Azure AD application gallery
63
64
64
-
Add Apple School Manager from the Azure AD application gallery to start managing provisioning to Apple School Manager. If you have previously setup Apple School Manager for SSO, you can use the same application. However it is recommended that you create a separate app when testing out the integration initially. Learn more about adding an application from the gallery [here](../manage-apps/add-application-portal.md).
65
+
* Add Apple School Manager from the Azure AD application gallery to start managing provisioning to Apple School Manager. If you have previously setup Apple School Manager for SSO, you can use the same application. However it is recommended that you create a separate app when testing out the integration initially.
66
+
67
+
* To add the Apple School Manager Azure AD app with Microsoft tenants, the administrator of the tenants must go through the federated authentication setup process, including testing authentication. When authentication has succeeded, the Apple School Manager Azure AD app is populated in the tenant and the administrator can federate domains and configure Apple School Manager to use SCIM (System for Cross-domain Identity Management) for directory sync.
65
68
69
+
[Use federated authentication with MS Azure AD in Apple School Manager](https://support.apple.com/en-ke/guide/apple-school-manager/axmb02f73f18/web)
70
+
66
71
## Step 4. Define who will be in scope for provisioning
67
72
68
73
The Azure AD provisioning service allows you to scope who will be provisioned based on assignment to the application and or based on attributes of the user / group. If you choose to scope who will be provisioned to your app based on assignment, you can use the following [steps](../manage-apps/assign-user-or-group-access-portal.md) to assign users and groups to the application. If you choose to scope who will be provisioned based solely on attributes of the user or group, you can use a scoping filter as described [here](../app-provisioning/define-conditional-rules-for-provisioning-user-accounts.md).
0 commit comments