This application is still very much work in progress, but the idea is that it should be able to do:
- Read user emails from a file ✅
- Get the users object ids from the corresponding Azure AD user ✅
- Add the users to an Azure AD group ✅
- Configure and Azure Enterprise Application ❌
- Configure SCIM with the Azure Enterprise Application ❌
Create a file .scim-setup and either place it in the $HOME directory or in the current working directory.
AZURE_CLIENT_ID=<REDACTED>
AZURE_CLIENT_SECRET=<REDACTED>
AZURE_TENANT_ID=<REDACTED>
AZURE_GROUP_OBJECT_ID=<REDACTED>
The AZURE_GROUP_OBJECT_ID is the ObjectId of the Azure AD group you want to add users to.
The AZURE_CLIENT_ID, AZURE_CLIENT_SECRET and AZURE_TENANT_ID must be the credentials for a service principal that is an owner of the Azure AD Group defined through AZURE_GROUP_OBJECT_ID.
You do not need to source the environment file or export these environment variables manually. The application will read the values directly from the .scim-setup file.
The users you want to add to the Azure AD Group defined through AZURE_GROUP_OBJECT_ID should be in the format [email protected] and be put one per line in a file called users.txt (or any other name you prefer).
You may put the file anywhere you like on disk, for instance in the /tmp directory.
./scim-setup /tmp/users.txt # Full path to the users.txt file
WIP
WIP
WIP