Setting up Azure for SSO and provisioning

(This is for your IT team)

Contact DraftPilot at contact@draftpilot.ai, they will a flag on the system, and also give you a secret provisioning code.

Once you've heard back from DraftPilot - log in to app.draftpilot.ai using SSO / Azure. (This will create an Enterprise Application in your Azure portal).

Next, go to https://portal.azure.com

Click on Enterprise Applications and click on DraftPilot

Click on Users and groups

Check to see if the users is set as a group

Ensure that assignment required is set to true 

In order to set up provisioning (i.e. automatically adding and removing users to DraftPilot) we set up a new Enterprise Application just for provisioning (this is separate from SSO).

Here's how:

• Create a new Enterprise Application in Azure AD:

• Go to Azure Portal > Azure Active Directory

• Click "Enterprise applications"

• Click "New application"

• Click "Create your own application"

• Name it (e.g., "DraftPilot provisioning”)

• Select "Integrate any other application you don't find in the gallery"

• Assign the DraftPilot user group

Next - let's hide it (this app is just for provisioning, and regular users shouldn't see it - it is NOT used for SSO).

• Enabled for users to sign in: No

• Assignment required: No

• Visible: No

In the new Enterprise application, go to "Provisioning"

Click New configuration

Change "Provisioning Mode" to "Automatic"

Under "Admin Credentials", enter:

     Tenant URL: https://api.draftpilot.ai/v1/scim

     Secret Token: [SECRET TOKEN PROVIDED BY DRAFTPILOT]

Go to Users and groups

Add a user to that user group.

Click on Provision now

Within DraftPilot go to https://app.draftpilot.ai/users - you should see that new user.