Azure AD (Entra ID) to JSM Assets

Please review instructions here to get started with setting up an Assets import configuration. You can then access OnLink app from the “Manage your apps” menu to further configure and set the field level mapping. Here’s an example configuration:

Set a descriptive name for this map
Set source system to Azure AD
Asset Schema is pre-filled. This is the schema in JSM Assets on which you started the configuration.
Select the Object Type within your schema.
Select schedule frequency
Attribute mapping - see below for more details.

Sample Azure AD Object Schema

Here’s the associated mapping

key:id=UserID
map:id=Name
map:userPrincipalName=UserPrincipalName
map:displayName=DisplayName
map:companyName=CompanyName
map:department=Department
map:jobTitle=JobTitle
config:export_azure_groups=false
config:export_azure_licenses=false
config:data_limit=100

Here’s a detailed breakdown of each of the mapping items:

Key or Map	Description

Key or Map	Description
`key:userPrincipalName=WorkerID`	The keyword “key” refers to using userPrincipalName as a unique identifier. This allows OnLink to update the record. WorkerID is a text attribute.
`map:userPrincipalName=Email`	The userPrincipalName is also mapped to Atlassian Account ID, which is an attribute of type “User”. Here OnLink looksup the Atlassian User object based on userPrincipalName.
`map:usageLocation=Usage Location`	Maps usageLocation property from Azure to Usage Location. Any field (string, boolean, date) from Azure AD API can be used as the source field. Here’s the list of fields: user resource type - Microsoft Graph v1.0 Some common fields are: companyName country department displayName employeeHireDate employeeType givenName jobTitle mailNickname mobilePhone officeLocation preferredName surname userPrincipalName
`map:CostCenterEmployeeOrg=Department\|Name=${CostCenterEmployeeOrg}`	This maps employee Cost Center in Azure to Department attribute in Assets schema, where Department is a reference and the lookup happens by name
`map:DivisionEmployeeOrg=Division\|Name=${DivisionEmployeeOrg}`	This maps employee Division in Azure to Division attribute in Assets schema, where Division is a reference and the lookup happens by name
`map:EmployeeManager=ManagerObject\|WorkerID=${EmployeeManager}`	EmployeeManager is a special property that OnLink provides. In this mapping example, ManagerObject is an attribute in your Asset Object type. It’s a self-referencing object i.e., an object attribute that points back to the parent object type. To map the manager field, the Azure User ID field is used. In this case, this Azure User ID is mapped to WorkerID attribute. Note: this is only enabled when you are importing less than 1000 users at the moment. This can be enabled by setting this property in your mapping attributes: `config:expand=manager`. However the Azure API does not support filters when exporting managers. You can however split the assets into two imports - one with filters and without managers, and the other without filters to pull managers. Both can then be combined into objects.
`config:export_azure_groups=true`	This allows OnLink to pull all Groups assigned to a user. Please note that a pre-defined schema needs to be created exactly like below. Schema name is Azure Groups. Three text attributes - Group Display Name, Group Description, Group ID. OnLink pulls Azure Groups into this schema and maps them to your users schema.
`config:export_azure_licenses=true`	Similar to Groups, this setting allows OnLink to pull all Licenses assigned to a user. Please note that a pre-defined schema needs to be created exactly like below. Schema name is Azure Licenses. Three text attributes - License ID, License SKU Part Number, License SKU ID
`config:filter=country eq 'United States'` (example)	Optional parameter to add filter to list users; any valid filter expression can be used here
`config:data_limit=100`	Optional parameter to limit the number of users to pull from Azure. This can be used for initial testing.