SCIM Setup for Azure

If your organization uses Azure to manage user identity information, Fleetio offers an integration to set up the System for Cross-domain Identity Management, or SCIM. This article covers how to successfully set up SCIM to start managing user lifecycles.

Add the Integration

In order to set up SCIM, you need to have already set up SAML in Fleetio.

Set Up the Connection

  1. Before going to Azure, go to your Fleetio Account Menu and select Settings.

  1. In the Settings sidebar, click SAML Connectors in the Integrations section.
  2. Hover over your SAML connector, click the More Actions Button, then select Edit.
  3. Scroll down to the SCIM Settings section and copy the SCIM Base URL and SCIM Token values.

  1. Now, in Azure, click on Provisioning, and you’ll be taken to a welcome screen. Click Get Started.

  1. Select Automatic in the Provisioning Mode drop-down menu then fill in Tenant URL with Fleetio’s SCIM Base URL and Secret Token with Fleetio’s SCIM Token. These are the values you copied in step 3.

  1. Click Test Connection to verify that you’ve entered the information correctly.

Add the Custom Attributes

  1. Go to Provisioning and click Edit Attribute Mappings.
  2. Under the Mappings drop-down, click on Provision Azure Active Directory Users.

  1. Click the Show advanced options checkbox, and then click Edit attribute list for customappsso.

  1. Add the following new attributes (all are String types):
    • urn:ietf:params:scim:schemas:extension:fleetio:2.0:User:user_type
    • urn:ietf:params:scim:schemas:extension:fleetio:2.0:User:role_name
    • urn:ietf:params:scim:schemas:extension:fleetio:2.0:User:group_name
  1. If you would like to customize the record sets of your users, add the following attributes:
    • urn:ietf:params:scim:schemas:extension:fleetio:2.0:User:vehicles_record_set
    • urn:ietf:params:scim:schemas:extension:fleetio:2.0:User:contacts_record_set
    • urn:ietf:params:scim:schemas:extension:fleetio:2.0:User:equipment_record_set
    • urn:ietf:params:scim:schemas:extension:fleetio:2.0:User:inspection_forms_record_set
    • urn:ietf:params:scim:schemas:extension:fleetio:2.0:User:parts_record_set
  1. If you are utilizing our Shop Network, you can provision Auto Integrate Users using the following namespaces:
    • urn:ietf:params:scim:schemas:extension:fleetio:2.0:User:auto_integrate_roles
    • urn:ietf:params:scim:schemas:extension:fleetio:2.0:User:auto_integrate_max_auth_limit
  • urn:ietf:params:scim:schemas:extension:fleetio:2.0:User:auto_integrate_roles is a String that accepts the following values. If assigning multiple roles to a user, combine them in a single comma-separated string, e.g. client_admin, client_view_ro, client_manual_ro_approval
    • client_admin
    • client_user_admin
    • client_view_ro
    • client_manual_ro_approval
    • no_access
  • urn:ietf:params:scim:schemas:extension:fleetio:2.0:User:auto_integrate_max_auth_limit is a Number value. If you wanted an authorization limit of $1,000, you would supply 1000, not 1,000.

  1. Click Save after adding these custom attributes.

Set Up the Attribute Mappings

After saving the attribute list, you will be taken back to the Attribute Mapping screen. Here, you will set up what values Azure will send Fleetio when provisioning the user. Below is a description of what each attribute means in Fleetio and what values are accepted:

(All attributes are prefixed with urn:ietf:params:scim:schemas:extension:fleetio:2.0:User:)

Attribute: Description. Accepted Values.
  • user_type: The type of user in Fleetio. Accepted values: regular or admin
  • role_name: For regular users - the role assigned to this user. Accepted values: Role names are defined under your Fleetio account settings
  • group_name: The group assigned to the contact in Fleetio. Accepted values: Groups are found under your Fleetio account settings. The group MUST exist in Fleetio. If the group is part of a hierarchy, you can delimit the group names using a pipe | character. For example: USA|Midwest|Chicago
  • employee: The user is an employee. Accepted values: true or false
  • operator: The user is an operator. Accepted values: true or false
  • technician: The user is a technician. Accepted values: true or false

NOTE: All accepted values are case-sensitive.
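The accepted values above, together with the Auto Integrate formats from the custom attribute list, can be checked before the constants are typed into Azure. This is an added example, not Fleetio's or Microsoft's code. The function name check_mapping, the known_groups parameter, the empty-level check on group paths, and the sample role name and group list are assumptions made for illustration.

```python
import re

PREFIX = "urn:ietf:params:scim:schemas:extension:fleetio:2.0:User:"
AI_ROLES = {"client_admin", "client_user_admin", "client_view_ro",
            "client_manual_ro_approval", "no_access"}
# Constructed sample data: group paths and a role name as copied from settings.
KNOWN_GROUPS = {"Birmingham", "USA|Midwest|Chicago"}
GOOD = {PREFIX + "user_type": "regular", PREFIX + "role_name": "Fleet Manager",
        PREFIX + "group_name": "USA|Midwest|Chicago", "employee": "true",
        "auto_integrate_roles": "client_admin, client_view_ro",
        "auto_integrate_max_auth_limit": "1000"}
BAD = {"user_type": "Admin", "group_name": "USA||Chicago", "operator": "True",
       "auto_integrate_roles": "client_admin; client_view_ro",
       "auto_integrate_max_auth_limit": "1,000"}


def check_mapping(values, known_groups):
    """Return the problems found in one set of planned mapping constants."""
    # Accept attribute names with or without the Fleetio URN prefix.
    v = {k[len(PREFIX):] if k.startswith(PREFIX) else k: val
         for k, val in values.items()}
    problems = []
    user_type = v.get("user_type")
    if user_type not in ("regular", "admin"):  # case-sensitive comparison
        problems.append(f"user_type {user_type!r} is not regular or admin")
    if user_type == "regular" and not v.get("role_name"):
        problems.append("regular user has no role_name")
    group = v.get("group_name")
    if group is not None:
        if "" in [level.strip() for level in group.split("|")]:
            problems.append(f"group_name {group!r} has an empty hierarchy level")
        elif group not in known_groups:
            problems.append(f"group_name {group!r} is not a known Fleetio group")
    for attr in ("employee", "operator", "technician"):
        if attr in v and v[attr] not in ("true", "false"):
            problems.append(f"{attr} {v[attr]!r} is not true or false")
    for role in (v.get("auto_integrate_roles") or "").split(","):
        if role.strip() and role.strip() not in AI_ROLES:
            problems.append(f"unknown auto_integrate role {role.strip()!r}")
    limit = v.get("auto_integrate_max_auth_limit")
    if limit is not None and not re.fullmatch(r"\d+(\.\d+)?", str(limit)):
        problems.append(f"max auth limit {limit!r} is not a plain number")
    return problems


if __name__ == "__main__":
    for name, sample in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, check_mapping(sample, KNOWN_GROUPS))
```

Running the check on every constant before saving the mappings catches a mis-cased user_type or a role list joined with the wrong separator before any account is provisioned with it.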

All regular users are created using the default record sets on your account. If you would like each user to have a different record set, Fleetio accepts the following attributes:

Attribute: Description. Accepted Values.
  • vehicles_record_set: The Vehicle record set name. Accepted values: Record set names are found under your Fleetio account settings
  • contacts_record_set: The Contact record set name. Accepted values: Record set names are found under your Fleetio account settings
  • equipment_record_set: The Tools record set name (NOTE: Tools was previously known as Equipment). Accepted values: Record set names are found under your Fleetio account settings
  • inspection_forms_record_set: The Inspection Form record set name. Accepted values: Record set names are found under your Fleetio account settings
  • parts_record_set: The Part Location record set name. Accepted values: Record set names are found under your Fleetio account settings

NOTE: Not all record sets may be applicable to your account. If you don’t have the Tools add-on enabled, then you can disregard the equipment_record_set attribute.

To map an attribute in Azure to Fleetio:

  1. Click Add New Mapping to bring up the form.
  2. Select the appropriate Mapping type. In this document, we will be hard-coding a value for demonstration purposes. You can read more about this in Microsoft’s Azure docs.
  3. In this example, we will map the user_type attribute to the value regular. This means all users provisioned from Azure will be regular users. Select urn:ietf:params:scim:schemas:extension:fleetio:2.0:User:user_type as the Target attribute.
  4. When complete, click OK.

  1. Now we will create a mapping for role_name. Click Add New Mapping again, and select urn:ietf:params:scim:schemas:extension:fleetio:2.0:User:role_name as the Target attribute. When regular users are provisioned in Fleetio, we need to assign them a role. The role name can be obtained from your Fleetio Account Settings. Note that these values are case-sensitive.

  1. Finally, we’ll assign our users to a group in Fleetio. Click Add New Mapping once more, and select urn:ietf:params:scim:schemas:extension:fleetio:2.0:User:group_name as the Target attribute. Here, we’re telling Fleetio that all users provisioned will be under the Birmingham group.

  1. Click Save at the top of the page to save the attribute mappings.

If you would like to customize the user’s record sets, then repeat the same process for all the record set attributes. If you don’t provide a record set name, Fleetio will use the default record sets under your account settings.

Testing Your Setup

  1. To make sure everything is working properly, click Provision on demand and select a user in your directory to sync over to Fleetio.
  2. If everything is working properly, you should see the screenshot below. You may need to assign the user to your application first.

  1. Now that you’ve verified that everything is properly set up, you can start provisioning your AD users into Fleetio.

For more information or for advanced configuration, reference Microsoft’s Azure/SCIM website.