This guide will walk you through the steps of how to integrate your Xink account with your Azure AD in order to export all users (or only the users you specify) to Xink.
Once set up, it will also remove and add users as they come and go from your Active Directory.
Which fields are imported from Azure AD to Xink?
The following fields are imported into Xink once you've integrated them with Azure Active Directory.
Each of these properties is put into the corresponding default fields in Xink:
- givenName (First Name)
- sn (Last Name)
- displayName (Display Name)
- mail (Email)
- telephoneNumber (Phone)
- title (Job Title)
- department (Department)
- mobile (Mobile)
- facsimileTelephoneNumber (Fax)
- company (Company)
- streetAddress (Street)
- l (City)
- st (State)
- postalCode (Zip)
- co (Country)
- jpegPhoto (Photo)
After you integrate to Azure AD, employees will show:
- It automatically updates every two hours.
- You can also trigger the sync by clicking "Schedule Update" on your dashboard (will only show if you have set up O365 signatures).
- It updates account information such as name, numbers, and titles add new users and remove old users (if you have checked 'Delete Employees').
How to grant Xink access to your Azure Active Directory
All users will appear automatically when you integrate Xink with your Azure AD.
To get started, you need to open your Windows Azure Management Console and follow these steps:
- On the left navigation pane and search and click "App registrations"
- Click the “New Application Registration” button.
- Fill the appeared Create pop-up.
Give a Name to your application, choose Web app / API Application Type and enter https://app.xink.io into the Sign-on URL field.
Then Push the Create button.
Next step is preparing your Azure AD for Xink integration.
- Still in the "App Registration" copy and save the Application ID somewhere because you will need it later on the Xink side of this integration.
Select the Application you created "Settings" and click Keys section. Choose the preferable key duration, Description is optional then save.
The key value will appear after you save the above. Now save the key value as you will you need it along with Application ID later on Xink side integration.
- Then go to the Required permissions section. And choose the next:
In Application Permissions drop-down menu, check the following:
- Read directory data
In Delegated Permissions drop-down menu, check each of the following:
- Sign in and read the user profile
- Read directory data
- Access the directory as the signed-in user
- Click Save
- Grant Permissions for XINK.
Now you have granted Xink to read and import users from your Azure AD to Xink.
Finally, update credentials in Xink
- Log into your Xink account.
- Click the drop-down next to your Profile in the upper right-hand corner > Preferences > Integration > Azure AD.
- Fill in the following information:
Check Enable Azure AD user synchronization so you automatically import all users from Azure AD so you no longer have to import any manually.
Tenant Name is the name of your Azure AD domain, like 'yourcompany.onmicrosoft.com'.
Paste your copied Application ID into the Application ID field.
Paste in your Azure AD key value.
It's recommended to check Delete Employees for Xink to automatically remove users that no longer exist in your Azure AD, so you constantly have an accurate number of total licenses and users.
Check Look at ProxyAddresses array for Email and if user's Email field is empty, export service can try to use the first element of this array.
Check Look at Other (Alternative) array for Email and if user's Email field is still empty, export service can try to use the first element of this array.
Try to use User Principal Name as Email is unchecked by default in Xink. If user's Email field is still empty, export service can try to use User Principal Name as Email once you check this item, but it is not recommended.
Check Use import filter and fill out the criteria below if you want to set up certain import criteria.
If it all works, hit Save and your Xink + Azure AD integration good to go!
IT Pro: How to read groups from Active Directory (AD on-premises and Azure AD).