Question:
How can I sync users into my DocuWare system from Azure Active Directory?
Solution:
In order to sync users into your DocuWare System from Azure, you'll need to create an Azure App Registration: How to Create App Registration.
- In your Azure Active Directory App Registration for DocuWare, click on the "API Permissions" tab and add the following permissions to allow DocuWare access to the users:
(Please ensure that you select Type "Application" instead of "Delegated")
- Directory.Read.All
- Group.Read.All
- GroupMember.Read.All
- openid
- profile
- User.Read
- User.Read.All
Note: Be sure to "Grant admin consent" to all of the permissions, or they will not be applied.
- Click "Certificates & secrets" from the pane on the left to create a new client secret.
- Once the client secret has been created there will be a key generated under the value column. Back up this key immediately (copy to notepad), as it will be hidden when the page is closed.
- In the DocuWare User Synchronization tool, select "Azure Active Directory" from the Identity Provider drop-down.
In the app registration overview, copy the application ID (Client ID). Under Endpoints, copy the URL to the OpenID Connect metadata document (Issuer URL), along with the Client Secret, and paste it into the corresponding fields in the User Synchronization tool.
Within the app, the Azure Active Directory structure can be searched. To synchronize, select the groups you want to synchronize with DocuWare and then the groups that contain the users.
The users are always created using the UserPrincipalName prefix, so the user name is usually "firstname lastname".
Note: To ensure this Article is also working for Version 7.3. and 7.4. it is necessary to apply the latest minor update.
KBA is applicable for both Cloud and On-premise Organizations.
