Import users from Azure AD using SCIM

Modified on Thu, 03 Dec 2020 at 01:08 PM

Fluid can import users from Active Directory (AD) using the SCIM (System for Cross-Domain Identity Management) protocol. You can read how to create an Enterprise Application in Azure Active Directory here.

The users can be placed in specially named AD group, that Fluid recognises, and associate the group with the Enterprise Application. This will create the user in Fluid once and assign the Fluid roles to the users based on the group. Users can be in as many groups as needed.


All users who do not belong to any AD groups will be created with Fluid default roles.


The groups that need to be created in AD (and associated with the Enterprise Application) should have the Fluid Role prefixed with Fluid. The group/role mapping is provided at the bottom of this document.


For example, Fluid role Project Administrator is represented by Fluid Project Administrator group in AD and the Fluid role Financial Administrator by Fluid Financial Administrator.



How to import users from Active Directory into Fluid with a Fluid role?


The instructions below explain how to import users with project administrator and financial administrator roles.


1Create a group in Active Directory called Fluid Project Administrator.



2Assign the users who should have Project Administrator role in Fluid to the Fluid Project Administrator group in Active Directory.




3Add the group to the SCIM Enterprise Application (instructions how to create an enterprise application are here).




4Create a group in Active Directory called Fluid Financial Administrator.



5Assign the users who should have Financial Administrator role in Fluid to the Fluid Financial Administrator group in Active Directory.




6Add the group Fluid Financial Administrator to the SCIM Enterprise Application (instructions how to create an enterprise application are here).




7Start the Provisioning by clicking the "Start provisioning" button.




Once the process is completed, the user accounts will be shown in Fluid with the roles set up as per the AD groups. Please note that AD has its own synchronise interval which can be from immediate to 40 minutes, so the users and roles may not appear in Fluid immediately.



Role to group mapping


Role in Fluid
Group in Active Directory
Accountable ExecutiveFluid Accountable Executive
Application administratorFluid Application administrator
Benefit accessFluid Benefit access
Budget ApproverFluid Budget Approver
Data AdministratorFluid Data Administrator
Financial accessFluid Financial access
Financial AdministratorFluid Financial Administrator
Project accessFluid Project access
Project administratorFluid Project administrator
Project submissionFluid Project submission
Project ViewerFluid Project Viewer
Resourcing accessFluid Resourcing access
Team managerFluid Team manager
Timesheet administratorFluid Timesheet administrator
Timesheet ExemptFluid Timesheet Exempt
UserFluid User
User AdministratorFluid User Administrator

Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select atleast one of the reasons

Feedback sent

We appreciate your effort and will try to fix the article