AzureAD (Office365) SCIM & SAML (SSO) Configuration

In this article:

• Features

• Requirements

• SAML Authentication Setup

• SCIM Provisioning setup

• Important: UPN is not matching the primary email address

Features

The following provisioning features are supported:

Push new users

Push profile updates

Push user deactivation

Requirements

You will require a LawVu account and be in contact with our implementation team.

Azure Active Directory (AAD) - SAML

Go to Azure Active Directory Admin Centre.

Under All Services go to Enterprise Applications and click on New Application.

Search for LawVu under Gallery application and click create.

Once created, select Single sign-on and enter the values provided by LawVu.

LawVu configuration

Please share the below 3 values with us through your preferred secure way.

Please also inform us of any additional domains that will be used for login.

Azure Active Directory (AAD) - SCIM

Select Provisioning, click on Get Started and enter values supplied by LawVu.

Set your desired scope and set Provisioning to On under settings.

Ensure you add the desired users into the LawVu app for automatic user provisioning. Please communicate with your Legal team leader which accounts require access to LawVu.

After enabling provisioning, please ensure the sync has started and is completed.

Important: UPN is not matching the primary email address

Lawvu's enterprise app is pre-configured with the correct and Microsoft-recommended attributes, which is compatible with most of our client's accounts.

If your AzureAD contains user accounts where the user's UPN does not match the user's primary email address, then the below modification must be made.

Under Single-Sign-On and Attributes and Claims, please remove the below "user.mail" claim.

Reporting a problem

Before you report a problem, can you please check ALL of the above settings? If the issue persists, then please get in touch with our support team.