The EmaiI Signature Web Portal - Help Center

IT Pro: How to read users from Azure Active Directory (AAD)

This guide will walk you through the steps of how to integrate your Xink account with your Azure AD in order to export all users (or only the users you specify) to Xink. 

Once set up, it will also remove and add users as they come and go from your Active Directory.

Which fields are imported from Azure AD to Xink?

The following default fields are imported into Xink once you've integrated them with Azure Active Directory.

Each of these properties is put into the corresponding default fields in Xink:

  • givenName (First Name)
  • sn (Last Name)
  • displayName (Display Name)
  • mail (Email)
  • telephoneNumber (Phone)
  • title (Job Title)
  • department (Department)
  • mobile (Mobile)
  • facsimileTelephoneNumber (Fax)
  • company (Company)
  • streetAddress (Street)
  • (City)
  • st (State)
  • postalCode (Zip)
  • co (Country)
  • jpegPhoto (Photo)

After you integrate to Azure AD, employees will show:

  • It automatically updates every two hours
  • You can also trigger the sync by clicking "Schedule Update" on your dashboard (will only show if you have set up O365 signatures).
  • It updates account information such as name, numbers, and titles add new users and remove old users (if you have checked 'Delete Employees').

How to grant Xink access to your Azure Active Directory

All users will appear automatically when you integrate Xink with your Azure AD. 

To get started, you need to open your Windows Azure Management Console and follow these steps:

  1. On the left navigation pane click "App registrations" use 'search box' to search "App registrations" and then bookmark it.
  2. Click the “New registration” button. Fill the appeared Create pop-up.
    Give a Name to your application, choose Web app / API Application Type and enter into the Sign-on URL field.
    Then Push the Create button.

Next step is preparing your Azure AD for Xink integration. 

  1. Still in the "App Registrations" copy and save the Application ID on a notepad because you will need it later on Xink integration page.
  2. Select the Application you created and click "Certificates & secrets" in the list and then add 'new client secret'.

  3.  Write 'Xink Key' in the Description field 'Xink Key' and then select Never in the expiry date and click on Add.

  4. Auto generated key will appear after you click 'Add' in the screen shot above. Now save the key value because you will you need it along with Application ID later on Xink side integration page.

  5. Then go to the API permissions section. Click Add a permission button and find "Azure Active Directory Graph" in the list and select the recommended permissions below (See image below)
    In Application Permissions menu, check the following:

    - Read directory data

    In Delegated Permissions menu, check each of the following:

    - Sign in and read the user profile
    -  Read directory data
    -  Access the directory as the signed-in user

    In Microsoft Graph is granted by default (don't remove)
    - Sign in and read the user profile

  6. Finally click Grant admin consent for tenant, then accept with Office 365.

Now you have granted Xink to read and import users from your Azure AD to Xink.

Finally, update credentials in Xink

  1. Log into your Xink account.
  2. Click the drop-down next to your Profile in the upper right-hand corner > Preferences > Integration > Azure AD.

  3. Fill in the following information:

    Check Enable Azure AD user synchronization so you automatically import all users from Azure AD so you no longer have to import any manually.

    Tenant Name is the name of your Azure AD domain, like ''.

    Paste your copied Application ID into the Application ID field.
    Paste in your Azure AD key value.

    It's recommended to check Delete Employees for Xink to automatically remove users that no longer exist in your Azure AD, so you constantly have an accurate number of total licenses and users.

    Check Look at ProxyAddresses array for Email and if user's Email field is empty, export service can try to use the first element of this array.
    Check Look at Other (Alternative) array for Email and if user's Email field is still empty, export service can try to use the first element of this array.
    Try to use User Principal Name as Email is unchecked by default in Xink. If user's Email field is still empty, export service can try to use User Principal Name as Email once you check this item, but it is not recommended.

    Check Use import filter and fill out the criteria below if you want to set up certain import criteria.

    Check Connectivity.

    If it all works, hit Save and your Xink + Azure AD integration good to go!

Learn more

IT Pro: How to read groups from Active Directory (AD on-premises and Azure AD).

IT Pro: How to filter users in Azure AD using OData.

IT Pro: How to filter users in Azure AD using Client-Side.

IT Pro: How to sync custom attribute of Azure AD to Xink portal (Hybrid AAD)

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.