We will walk through the process of provisioning identities from Entra ID to Cisco Umbrella. Cisco Umbrella is a cloud-delivered security service that provides secure internet access by preventing access to malicious websites, threats, and unwanted content. Integrating it with Entra ID helps organizations streamline identity management and access control.

Configure Entra ID

Login to Azure and navigate to Micorosft Entra ID > Enterprise Apps > New Application > Create Your Own Application.

Once you have named the enterprise app click on create, make sure "Integrate any other application you don't find in the gallery (Non-gallery)." is selected.

Generating SCIM token for Entra ID

• Navigate to Admin > API Keys.
• Click Static Keys and expand Azure Active Directory Provisioning.
• Click Generate Token.
• Copy and save your generated token.
• Copy and save the Azure Active Directory Provisioning URL, https://api.umbrella.com/identity/v2/scim.

Configure Enter ID Enterprise App

Using your Umbrella token and the Azure Active Directory Provisioning URL, configure the Enterprise App within the Entra ID portal. This setup will enable the provisioning of user and group identities to Cisco Umbrella.

• Navigate to the Enterprise App in the Entra ID portal.
• Click on provisioning > Manage > provisioning
• Change Provisoning Mode to Automatic
• Enter in Tenant URL and Secret Token
• Test connection then save

View Provisoned Users & Groups in Umbrella from Entra

After you have started the SCIM provisioning within the enterprise app also added users/group you should see some results dependant on users being provisioned.

• Navigate to Deployments > Users and Groups to view the users and groups provisioned from Azure AD.