Automatic User Provisioning
  • 31 Oct 2024

Overview

CommBox allows clients to create and manage users directly from their Identity Provider (IdP) of choice, such as Microsoft Entra ID (Azure). Any new users (agents or teams) added to the IdP will automatically be reflected in the CommBox platform, reducing errors and ensuring centralized, secure management. This integration guide uses Entra ID (formerly Azure) as an example. Contact us if you need help with a different IdP.


With this integration you’ll be able to:
  • Create users in CommBox
  • Remove (deactivate) CommBox users when they no longer require access
  • Keep user attributes synchronized between CommBox and Entra ID
  • Set groups to CommBox permission profiles
  • Set Single-sign-on in CommBox

Prerequisites

This guide assumes that you already have the following prerequisites:
  • A Microsoft Entra tenant.
  • One of the following roles: Application Administrator, Cloud Application Administrator, or Application Owner.
  • A user account in CommBox with Admin permissions.

Step 1: Plan your provisioning deployment


Step 2: Obtain API Key for provisioning

1. In the CommBox platform, navigate to Settings > API module, and click the viewing icon in the API column.

2. Copy the API key.

This API Key will be used as a Secret Token in the Admin Credentials Section of the Provisioning configuration in Azure.


Step 3: Create Azure AD Custom Application

  1. On the sidebar menu, click Enterprise applications, and then click the + New application button.
  2. In the Microsoft Entra Gallery, select + Create your own application.
  3. In the name of your app field, enter the application name, for example: yourbrandname.commbox.io, and select the Integrate any other application you don't find in the gallery (Non-gallery) radio button option.
  4. At the bottom of the page, click Create.

Step 4: (Optional) Add A New User in Azure AD

  1. Sign in to the Azure portal as a User administrator for the organization.
  2. Search for and select Azure Active Directory (also known as Microsoft Entra ID) from any page.
  3. Create User - Select Users (under Manage) on the sidebar menu, and then select Create new user.
  4. On the Create new user page, enter the required information for this user.
     Note: The User principal name in Azure AD will be used for SAML authentication, as opposed to the user.username used in CommBox.
  5. After entering the user information, click Review + create.
  6. On the next screen, review the created user information, add Basics, Properties, and Assignments as desired and required, and click Create.

Step 5: (Optional) Create A New Security Group in Azure AD

Create a security group in Azure Active Directory and add owners or members to the group.

  1. Click Azure Active Directory.
  2. In the Manage section, click Groups.
  3. Click the New group tab to create a new group in Azure Active Directory.
  4. On the New Group page, enter the details for the new group.
    a. Select a Group type (Security).
    b. In the Group name field, enter the group name.
       NOTE: After provisioning, the Group Name becomes the Permission Profile name in CommBox.
    c. In the Group description field, add a description for the group.
    d. Select the Membership type.
    e. You can optionally add members or users to the group. Click the link under Owners or Members to populate a list of every user or member in your directory. Choose users or members from the list, and then click Select.
  5. Click Create.

Step 6: Assign Existing Users/Groups to The Application

  1. Navigate to Home > Azure Active Directory > Enterprise applications.
  2. Click https://brandname.commbox.io (as an example).
  3. Click Users and groups on the sidebar, and then click + Add user/group.
  4. If you don’t see any users, click None Selected.
  5. Select the user/s you wish to assign to the application and click Assign.

Step 7: Configure Automatic User and Groups Provisioning to CommBox

This section guides you through the steps to configure the Microsoft Entra provisioning service to create, update, and disable users in CommBox based on user assignments in Microsoft Entra ID.

1. Sign into the Microsoft Entra admin center as a Cloud Application Administrator or higher authority. 

2. Navigate to Identity > Applications > Enterprise applications

3. In the applications list, select brandname.commbox.io (for your business).

4. On the side-bar menu, under Manage, select Provisioning.

5. Set the Provisioning Mode to Automatic.

6. In the Admin Credentials section, set the following:

  1. Enter https://api.commbox.io/auth/scim in the Tenant URL field.
  2. In the Secret Token field, insert the API Key obtained earlier (Step 2).
  3. Click Test Connection.
  4. Review the status message. If the Admin Credentials are working correctly the next message will appear:

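7. Navigate to the Mappings section and set the Mappings as follows:

  1. Update the Users Attributes and click SAVE.

| customappsso Attribute       | Microsoft Entra ID Attribute                                | Matching precedence |
|------------------------------|-------------------------------------------------------------|---------------------|
| userName                     | userPrincipalName                                           | * 1                 |
| active                       | Switch([IsSoftDeleted], , "False", "True", "True", "False") |                     |
| displayName                  | displayName                                                 |                     |
| emails[type eq "work"].value | mail                                                        |                     |
| name.givenName               | givenName                                                   |                     |
| name.familyName              | surname                                                     |                     |

  2. Update the Group Attributes and click SAVE.

| customappsso Attribute | Microsoft Entra ID Attribute | Matching precedence |
|------------------------|------------------------------|---------------------|
| displayName            | displayName                  | * 1                 |
| members                | members                      |                     |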


* In Edit mode, a matching precedence of 1 means that "Match objects using this attribute" is set to Yes.
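
The user mappings above also give a way to check that provisioning and deactivation actually took effect. The following Python code is an added example, not CommBox or Microsoft code: it applies the Step 7 user mappings to a constructed Entra ID export and compares the result with constructed SCIM 2.0 user records, reporting accounts that are still active in the application without an active counterpart in the IdP. The function names, the record layout, and the boolean IsSoftDeleted field are assumptions made for the example.

```python
def expected_scim_user(entra):
    """Apply the Step 7 user mappings to one Entra ID user record."""
    return {
        "userName": entra["userPrincipalName"],  # matching attribute (precedence 1)
        "active": not entra["IsSoftDeleted"],    # what the Switch(...) mapping computes
        "displayName": entra["displayName"],
        "emails": [{"type": "work", "value": entra["mail"]}],
        "name": {"givenName": entra["givenName"], "familyName": entra["surname"]},
    }

def flatten(scim):
    """Reduce a SCIM user to the mapped attributes so two records compare directly."""
    work = [e["value"] for e in scim.get("emails", []) if e.get("type") == "work"]
    name = scim.get("name", {})
    return {"displayName": scim.get("displayName"), "mail": work[0] if work else None,
            "givenName": name.get("givenName"), "familyName": name.get("familyName")}

def audit(entra_users, scim_users):
    """Return (userName, finding) pairs where the application disagrees with the IdP."""
    expected = {u["userPrincipalName"].lower(): expected_scim_user(u) for u in entra_users}
    findings = []
    for actual in scim_users:
        key = actual["userName"].lower()  # SCIM userName is case-insensitive
        want = expected.pop(key, None)
        if want is None or not want["active"]:
            if actual.get("active"):  # access outlived the IdP assignment
                findings.append((key, "active in app, not active in IdP"))
            continue
        if not actual.get("active"):
            findings.append((key, "inactive in app, active in IdP"))
        w, a = flatten(want), flatten(actual)
        findings += [(key, "drift: " + f) for f in sorted(w) if w[f] != a[f]]
    findings += [(k, "not provisioned") for k, w in sorted(expected.items()) if w["active"]]
    return findings

ENTRA = [  # constructed export of users assigned to the enterprise application
    {"userPrincipalName": "dana@example.com", "IsSoftDeleted": False, "displayName": "Dana Levi",
     "mail": "dana@example.com", "givenName": "Dana", "surname": "Levi"},
    {"userPrincipalName": "omar@example.com", "IsSoftDeleted": True, "displayName": "Omar Haddad",
     "mail": "omar@example.com", "givenName": "Omar", "surname": "Haddad"},
]
SCIM = [  # constructed SCIM 2.0 user resources, as listed from the application side
    {"userName": "Dana@example.com", "active": True, "displayName": "Dana L.",
     "emails": [{"type": "work", "value": "dana@example.com"}],
     "name": {"givenName": "Dana", "familyName": "Levi"}},
    {"userName": "omar@example.com", "active": True, "displayName": "Omar Haddad"},
    {"userName": "temp@example.com", "active": True, "displayName": "Temp Agent"},
]
print(*audit(ENTRA, SCIM), sep="\n")
```

The two "active in app, not active in IdP" findings are the ones to act on first: one account is soft-deleted in the IdP and the other has no IdP record at all.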

 
