Microsoft Entra ID

Information about the integration

Grant Operators Access Rights to ServiceChanger.com

After completing the onboarding process, you can proceed to grant access to ServiceChanger for operators, who are mostly servicedesk employees, IAM engineers, or system administrators.

Note: For a full overview of roles and their permissions, see Roles & App Settings.

Be aware that there are two available roles: Administrator and Operator. The Administrator role grants full authority to delete and update all users, groups, and user-group relationships, including bulk actions. Therefore, it is crucial to carefully consider who receives this level of access.

How to grant access rights?

1. Open portal.azure.com, sign in and navigate towards Azure Entra ID.

2. Go to "Enterpise applications"

1. Now find "Servicechanger.com" and click on it.

1. After opening it, you will find 'Users and Groups' in the left-side menu. Here, you will be able to add users or groups, granting Single Sign-On (SSO) access to ServiceChanger for operators.

Field mapping

Field mapping between Azure Entra ID and ServiceChanger is not customizable; it's intrinsic to the system's design and development.

Roles

These mappings serve as the foundation for the Attribute-Based Access model.

Entra ID	ServiceChanger
Job title	Job title
Department	Department
Office location	Location

Users

Entra ID	ServiceChanger
First name	First name
Last name	Last name
Display name	Display name
User principal name	User principal name
Manager	Manager

Groups

Entra ID	ServiceChanger
Group name	Group name
Group description	Group description
Group type	Group type

Note: See the API documentation for the fields used in the Hybrid Setup - Active Directory.

Authentication

OAuth 2.0/SSO: ServiceChanger utilizes OAuth 2.0/SSO for secure authentication processes.

Authorizations

Microsoft Graph API: ServiceChanger leverages the Microsoft Graph API to update Entra ID, facilitating efficient management of user permissions.