Fluid can import users from Active Directory (AD) using the SCIM (System for Cross-Domain Identity Management) protocol. You can read how to create an Enterprise Application in Azure Active Directory here.
The users can be placed in specially named AD group, that Fluid recognises, and associate the group with the Enterprise Application. This will create the user in Fluid once and assign the Fluid roles to the users based on the group. Users can be in as many groups as needed.
All users who do not belong to any AD groups will be created with Fluid default roles.
The groups that need to be created in AD (and associated with the Enterprise Application) should have the Fluid Role prefixed with Fluid. The group/role mapping is provided at the bottom of this document.
For example, Fluid role Project Administrator is represented by Fluid Project Administrator group in AD and the Fluid role Financial Administrator by Fluid Financial Administrator.
How to import users from Active Directory into Fluid with a Fluid role?
The instructions below explain how to import users with project administrator and financial administrator roles.
|1||Create a group in Active Directory called Fluid Project Administrator.|
|2||Assign the users who should have Project Administrator role in Fluid to the Fluid Project Administrator group in Active Directory.|
|3||Add the group to the SCIM Enterprise Application (instructions how to create an enterprise application are here).|
|4||Create a group in Active Directory called Fluid Financial Administrator.|
|5||Assign the users who should have Financial Administrator role in Fluid to the Fluid Financial Administrator group in Active Directory.|
|6||Add the group Fluid Financial Administrator to the SCIM Enterprise Application (instructions how to create an enterprise application are here).|
|7||Start the Provisioning by clicking the "Start provisioning" button.|
Once the process is completed, the user accounts will be shown in Fluid with the roles set up as per the AD groups. Please note that AD has its own synchronise interval which can be from immediate to 40 minutes, so the users and roles may not appear in Fluid immediately.
Role to group mapping
Role in Fluid
Group in Active Directory
|Accountable Executive||Fluid Accountable Executive|
|Application administrator||Fluid Application administrator|
|Benefit access||Fluid Benefit access|
|Budget Approver||Fluid Budget Approver|
|Data Administrator||Fluid Data Administrator|
|Financial access||Fluid Financial access|
|Financial Administrator||Fluid Financial Administrator|
|Project access||Fluid Project access|
|Project administrator||Fluid Project administrator|
|Project submission||Fluid Project submission|
|Project Viewer||Fluid Project Viewer|
|Resourcing access||Fluid Resourcing access|
|Team manager||Fluid Team manager|
|Timesheet administrator||Fluid Timesheet administrator|
|Timesheet Exempt||Fluid Timesheet Exempt|
|User Administrator||Fluid User Administrator|