Integrating with Azure AD allows you to automatically create users in Bob for new hires, update changes to employee profiles and deactivate users when employees leave the company. 

Note: This integration is available only if your company uses the cloud-based Azure AD. Currently, Bob does not support on-prem Azure AD, hybrid environment or AD B2C.

Integration Details

Detail How it works

Integration type

One-way via API

Direction of data flow

Bob to Azure

Sync trigger

An event

Sync frequency

  • Employee created
  • Employee joined
  • Employee updated

Note: By default, users will begin synchronization on their start date.

Support information

support@hibob.com

Data Mapping

Bob Field

Azure Field

Email

User Principal Name

First Name

GivenName

Last Name

Surname

Display Name 

DisplayName

First Name + Last name

MailNickname

Department

Department

Job Title

Job Title

Reports to

AzureManagerfieldPlaceholder

Work Mobile

MobilePhone

Work Phone

BusinessPhone

Before you begin

To activate the provisioning process you will need to:

  • Create an application 
  • Obtain the following from Azure:
    • Application ID 
    • API key
    • Tenant name for the Azure AD account

For full details, see Create an Azure AD app and service principal in Microsoft Learn.

How to set up Azure AD provisioning in Bob

Step 1: In Azure

Provide permissions for the integration to work:

  1. Select Settings > Required permissions, and then click Add.
  2. Select an API and Microsoft Graph.
  3. In Application Permissions, select the Directory.ReadWrite.All permission
  4. Click Done.
  5. In the Required permissions panel, click Grant permissions.

For full details see User permissions in Microsoft Learn.

Step 2: In Bob

  1. From the left menu, select Settings > Integrations.
  2. Select Provisioning
  3. In the Azure AD tile, click Connect.
  4. In the Client ID field, enter the Application ID.
  5. In the Secret field enter the API key
  6. In the Tenant field, enter the name of your Azure AD account
  7. Enter the Default password. This should comply with your Azure AD password policy.
  8. Click Save.

FAQs

When is a user created in Azure?

Based on your configuration, Bob can create an Azure user once the user's profile has been created in Bob, or based on an employee's status in Bob.

To learn more about how too change the default settings and set how the users will be created, see the provisioning settings.