In this article:
AzureAD - Role creation and user assignment
AzureAD - Role attribute mapping for SCIM provisioning.
Features
LawVu provides the ability to map your AzureAD roles into LawVu roles. This enables the configuration of access roles via the existing IT tools, which ensures central management of users and permissions. To utilize automatic role mapping in your LawVu app, both steps will need to be completed and configured in your Azure AD app.
Requirements
You will require administrator access to your AzureAD (Office365) tenant and also be in touch with a LawVu technical contact in order to create the mapping in LawVu.
AzureAD - Role creation and user assignment.
Access the Enterprise app Lawvu and select “Users and Groups”. Click on “Application Registration”. Please note below the role assigned to a test user, which shows as “User” by default.
Click on “Create App Role” and create your LawVu roles here. The names don’t have to mirror the LawVu role names. The below four LawVu roles are available for mapping:
Administrator
In House Legal
Contributor
Standard User
Go back to your LawVu app and to “Users and Groups”. Add a user or a group and assign a role.
Add users, select the required role and apply.
Please note how the role assignment changed for our assigned user.
You can also change the role for an already existing user account under the app. Go to “Users and Groups”. Tick the box next to user account and click on “Edit Assignment”
Select the role as in the previous steps and assign to user.
AzureAD - Role attribute mapping for SCIM provisioning.
Create a custom attribute mapping for roles under Provisioning. Click on "Edit attribute mapping"
Expand Mappings and click on Provisioning AzureAD Users.
Scroll down and add new mapping
Create a new custom attribute mapping with below values.
Type: Expression
Expression: AppRoleAssignments([appRoleAssignments])
Target attribute: roles[primary eq “True”].value
