Import users, groups, software licenses, organizations (cost center, division) and other attributes from Entra ID to JSM Assets.
Please review instructions here to get started with setting up an Assets import configuration. You can then access OnLink app from the “Manage your apps” menu to further configure and set the field level mapping. Here’s an example configuration:
Set a descriptive name for this map
Set source system to Azure AD
Asset Schema is pre-filled. This is the schema in JSM Assets on which you started the configuration.
Select the Object Type within your schema.
Select schedule frequency
Attribute mapping - see below for more details.
Sample Azure AD Object Schema
Here’s the associated mapping
map:EmployeeManager=Manager Name|Name=${EmployeeManager}department=Department
map:usageLocationjobTitle=Usage LocationJobTitle
Here’s a detailed breakdown of each of the mapping items:
Key or Map | Description |
| The keyword “key” refers to using userPrincipalName as a unique identifier. This allows OnLink to update the record. WorkerID is a text attribute. |
For Azure, we support several custom mapping schemes e.g.
bgColor | #FFFFFF |
The userPrincipalName is also mapped to Atlassian Account ID, which is an attribute of type “User”. Here OnLink looksup the Atlassian User object based on userPrincipalName. | |
| Maps usageLocation property from Azure to Usage Location. Any field (string, boolean, date) from Azure AD API can be used as the source field. Here’s the list of fields: Some common fields are:
This maps employee Cost Center in Azure to Department attribute in |
Assets schema, where Department is a reference and the lookup happens by name | |
| This maps employee Division in Azure to Division attribute in Assets schema, where |
Division is a reference and the lookup happens by name |
set to 100 for testing purposes, max is 1500. Each scheduled job processes a max of 1500 records. OnLink automatically fetches the next set of data in the next scheduled run.
OnLink has below configuration parameters:
“EmployeeManager” is a special property that OnLink provides to get user’s manager ID. In this mapping example, ManagerObject is an attribute in your Asset Object type. It’s a self-referencing object i.e., an object attribute that points back to the parent object type. To map the manager field, the Azure User ID field is used. In this case, this Azure User ID is mapped to WorkerID attribute. Note: this is only enabled when you are importing less than 1,000 users at the moment. This can be enabled by setting this property in your mapping attributes:
| |
| This allows OnLink to pull all Groups assigned to a user. Please note that a pre-defined schema needs to be created exactly like below. Schema name is Azure Groups. Three text attributes - Group Display Name, Group Description, Group ID. OnLink pulls Azure Groups into this schema and maps them to your users schema. |
Similar to Groups, this setting allows OnLink to pull all Licenses assigned to a user. Please note that a pre-defined schema needs to be created exactly like below. Schema name is Azure Licenses. Three text attributes - License ID, License SKU Part Number, License SKU ID | |
| Optional parameter to add filter to list users; any valid filter expression can be used here |
| Optional parameter to limit the number of users to pull from Azure. This can be used for initial testing. |