Hoxhunt supports System for Cross-domain Identity Management (SCIM), which is an industry-standard protocol for automated exchange of user identity information between different domains or IT systems. Azure AD will synchronize your data (identity information) with Hoxhunt which means that Hoxhunt will always be up to date with the right user and group information. Hence, if you add or remove an employee from your Active Directory (AD), Hoxhunt will automatically get this information and ensure the right users have access to Hoxhunt.
This feature lets you:
- Automate provisioning: Automatically create new accounts in Hoxhunt for new people when they join your team or organization.
- Automate deprovisioning: Automatically deactivate accounts in Hoxhunt when people leave the team or organization.
- Synchronize data between systems: Ensure that the identities in Hoxhunt are kept up to date based on changes in the directory or your human resources system.
- Govern access: Monitor and audit who has been provisioned into Hoxhunt
- Seamlessly deploy in brown field scenarios: Match existing identities between systems and allow for easy integration, even when users already exist in the target system.
- User soft deletion: User account is soft deleted if: User is unassigned from the Hoxhunt enterprise application in Azure AD, Group that user belongs to is unassigned from the Hoxhunt enterprise application in Azure AD or User is deleted in Azure AD. When any of the above events occur, Azure AD will send a signal to deactivate User in Hoxhunt when SCIM integration is enabled. Hoxhunt will flag the User as soft-deleted and promptly delete the User’s data after a minimum of 90 days have passed. If the User is re-activated before the 90 days have passed, the timer will be removed and the User will not be in scope for soft deletion. edit 20.7.2020: NOTE! There is a bug on Microsoft's end that has disabled the soft deletion feature. We are waiting for confirmation that the issue is fixed.
NOTE! Keep in mind that synchronization will happen from the point of configuration, which means all existing users in your Hoxhunt environment that is deleted from your Identity Provider prior to configuration, will not get deleted from Hoxhunt after the configuration.
NOTE! This feature is currently only available for Azure AD. Integrations for other identity providers will be published later.
How to set up the integration: