Skip to main content

Azure AD - Integration user and synchronization

Integration guide for Azure AD and Addo Sign covering setup, sync rules, and user or group updates.

Updated this week

Integration user

To ensure that you get the best integration and the most smooth process with Azure AD, it is important that you who do the integration both have the role "administrator" in Addo Sign and that you have the role "Global Admin" in your company's Azure account , as otherwise an integration is not allowed.

The integration user that you are using to make the integration, should not be used for anything in Addo Sign and therefore we would strongly recommend that the integration user that you are using to make the integration is an admin user in Azure who is not associated with a person and who has been decided not to take it down.

Sync interval

The synchronization between Azure AD and Addo Sign runs automatically once every hour, but only for users who log in to Addo Sign with their Azure profile. This means that if changes are made in Azure AD, they will not take effect in Addo Sign until the affected user has logged in β€” and then it may take up to one hour before the changes are visible.

It is therefore important that the user in question logs in to Addo Sign and that you allow up to one hour for the synchronization to complete.

This applies to all changes, such as updates to user rights, changes of user groups, or deletion of users.

User and group synchronization

With the Sync interval in mind, you should also be aware that changes you make to your Addo Sign application in Azure AD in connection with adding users and groups will only take effect according to the same sync rules as above.

Therefore, you may find that you create users and groups in Addo Sign, but that the people are not created in your Addo Sign account, nor are they associated with the right group.

In order for the people to join the group or have the right that you have selected in Azure AD, it therefore requires the user that you have made the change to, logs in.

the login will trigger the synchronization for the specific user and they will therefore be connected with the correct rights as well as in the correct group.

Did this answer your question?