Setting up SCIM for Microsoft Azure

For enterprise organizations using Azure AD or currently syncing with the Coda Gallery app, set up a custom app to push groups to Coda

Updated over a week ago

The instructions below are for enterprise organizations who want to push users and user groups to Coda using SCIM and currently use Azure Active Directory to provision users. All user provisioning changes in Coda are only accessible to users designated as organization admins.

Please note that a custom app (NOT the Coda gallery app) must be used to successfully push groups to Coda. Microsoft 365 group members cannot be synced as part of this process. Not all Azure Active Directory plans support pushing groups - please check with Microsoft to confirm if your plan supports this feature.

Before kicking off this process, ensure that SAML SSO is accurately configured for your organization - instructions here.

Transitioning from Coda gallery app to custom app

The Gallery app for Coda does not support the latest updates to share with groups at this time, so you will have to transition from using the gallery app to a custom app if you'd like to grant your organization the ability to share docs & folders to groups.

Use the screenshot below as guidance on how to move off of the Coda Gallery app. If you're setting it up from scratch, move on to Setting up SCIM in Microsoft Azure AD.

To move from the Coda gallery app to a custom app in Azure, first disable provisioning from the provisioning tab in your existing gallery app:

Stop provisioning.jpg

Then follow the instructions above for setting up SCIM with a new custom app.

Setting up SCIM in Microsoft Azure AD

Create app

First, create a new application in Azure under Enterprise applications.

Create New Application.jpg

Then press Create your own application to create a custom app to connect to Coda. Do not use the Gallery app for Coda as it does not support the latest updates to share with groups at this time.

Add users & groups

Navigate to the custom application in Azure Active Directory that connects to Coda. Click Add user/group to add groups to be pushed to Coda:

Assign new Users and Groups to app.jpg

If you already have SCIM set up, to immediately sync the groups, navigate to the provisioning tab and click Provision on demand to sync the groups that were added.

Provision on demand.jpg

Enable provisioning

Click "Get started" under the Provisioning tab of the app to enable provisioning.

Enable Provisioning.jpg

Retrieve and add SCIM token from Coda

Navigate to organization settings and open the provisioning tab - see details here on how to navigate to organization settings in Coda.

Generate new SCIM token in Coda.jpg

If you're setting this up for the first time, use the Generate New Token button.

Then copy the SCIM endpoint and token into the new Azure under the Provisioning tab.

Copy Coda endpoint and credentials to Azure.jpg

Start provisioning

If you need to sync a few specific users or groups to push the latest updates for them into Coda, use the provision on demand flow:

Azure provision on demand select groups and members.jpg
Group provisioned from Azure.jpg

Confirm users & groups are synced

Finally, ensure that users and groups are synced correctly from the Provisioning tab in organization settings for the Groups tab for groups.

Confirm groups synced to Coda.jpg

Did this answer your question?