Administration
      Back to home
      1. Help Center
      2. Administration

      Setup Identity Provider & Entra ID Provisioning

      Setup Microsoft Entra ID as an external identity provider and manage SCIM user synchronization.

      1. Log in your 3spin Learning Web Management System (WMS) with your admin user. Click on Admin to go to the Admin Settings. Click on Manage Identity Providers.

        00_01_Identity_Provider_Setup

      2. Click + New Provider

        00_02_Identity_Provider_Setup

      3. After you have registered an application inside your Microsoft Entra admin center (Microsoft Azure > Entra ID > App registrations), you can fill out all required fields. Then click Save.

        00_03_Identity_Provider_Setup

      4. Go to Microsoft Azure > Entra ID > App registrations, click on the name of your registered app to open it’s settings. Click on Authentication, then click Add URI and enter the Redirect URI
        (https://your-server.3spin-learning.com/auth/callback)

        02_01_Entra_ID_Authentication.png

      5. Click + Add a plattform and choose Mobile and desktop applications.

        02_02_Entra_ID_Authentication.png

      6. Enter tslearn://auth as the Custom redirect URI. Click Configure and then click Save to save all settings.

        02_03_Entra_ID_Authentication.png

      7. In your 3spin learning WMS Click Generate API Key

        00_04_Identity_Provider_Setup

      8. Copy and make sure to save this API Key for later use. This will be the Secret token.

        01_01_Entra_ID_Provisioning

      9. Copy and save the SCIM Endpoint for later use. This will be the Tenant URL.

        01_02_Entra_ID_Provisioning

      10. Go to Microsoft Azure > Entra ID > Enterprise applications. Click on + Create your own application. Give your application a name and choose Integrate any other application you don’t find in the gallery (Non-gallery). Then click Create.

        01_03_Entra_ID_Provisioning.png

      11. Click Provisioning.

        01_04_Entra_ID_Provisioning.png

      12. Click + New configuration.

        01_05_Entra_ID_Provisioning.png

      13. Enter the Tenant URL (this is the SCIM Endpoint you have copied from your 3spin learning WMS in Step 6).
        Enter the Secret token (this is the User Provisioning API Key you have copied from your 3spin learning WMS in Step 5).

        01_06_Entra_ID_Provisioning.png

      14. In the section Provisioning, open Mappings and click on Provision Microsoft Entra ID Users.

        01_07_Entra_ID_Provisioning.png

      15. Configure all attribute mappings as shown on this screenshot. Delete all other mappings.

        Screenshot 2025-03-11 at 09.11.19.png

      16. In the section Provisioning, open Mappings and click on Provision Microsoft Entra ID Groups.
         
        01_09_Entra_ID_Provisioning.png

      17. Configure all attribute mappings as shown on this screenshot. Delete all other mappings.

        01_10_Entra_ID_Provisioning.png

      18. In the section Provisioning, open Settings and choose Sync only assigned users and groups from the Scope dropdown. Turn Provisioning Status On

        01_11_Entra_ID_Provisioning.png

      19. In the Overview (Preview) section, click Start provisioning. After about 40-60 minutes, the data are synced with 3spin learning.

        01_12_Entra_ID_Provisioning.png