Introducing Automated User & Group Provisioning with Microsoft Entra ID and Team level Permissions
We’re happy to announce an integration with Microsoft Entra ID (formerly Azure Active Directory) for automated User & Group provisioning as well as Team-level permission for easy user governance at scale.
One of Rivery’s most valuable features is the built-in support for unlimited environments. Organizations utilize environments to easily organize their data work, whether it’s by their data development life cycle process or by different teams of users building their pipelines without having to rely on a centralized data team (akin to the principles of data mesh or decentralized pipeline development).
Whether implementing Data Mesh principles or not, the utilization of environments in Rivery correlates with a rise in Rivery users per account. While we already support a Single Sign-On (SSO) experience for users, we are now taking it to the next level with Microsoft Entra ID User & Group provisioning and team-level permissions.
One place to manage your employees’ access to data
With our Microsoft Entra ID (formerly Azure Active Directory or Azure AD for short) integration, you can leverage Microsoft Azure’s user and group provisioning support, and automatically grant Rivery access to your users and groups.
In other words, you can keep adding and deleting users (at the user or group level) within Microsoft Entra ID and have those automatically synced into Rivery. This makes your administration life easier as you only need to update users within one place (that most likely serves many other systems as well) so you can benefit from faster user management and better data access security.
Behind the scenes
The integration with Microsoft Entra ID is done using SCIM, or System for Cross-domain Identity Management – an open standard that allows for the automation of user provisioning. It was created in 2011 as it became clear that the technology of the future would be cloud-based. SCIM communicates user identity data between identity providers (such as Microsoft Entra ID) and service providers requiring user identity information (such as Rivery).
When a user is created or updated within Microsoft Entra ID, Rivery automatically syncs to reflect the same changes. The sync works not only for users but also for groups which are referred to as teams in Rivery.
Team level permissions
Teams can consist of multiple users sharing the same permissions and can be either provisioned via Microsoft Entra ID or manually configured within Rivery. Teams allow organizations to scale their Rivery user management even if they don’t use Microsoft Entra ID to manage users and groups. For example, you can provision or create a team of users with a dedicated role such as deployment manager, and couple that with the Environments where this role will apply to all the users within the team.
Getting started with automating your user management at scale
We created an easy-to-follow guide for smooth integration with Microsoft Entra ID user and group provisioning. Check it out over here.
If you are just getting started with Rivery and need the Entra ID integration, it would be helpful to look at how to set up SSO with Entra ID as well.
If you’re looking to streamline user and team-level management according to your organization’s protocols, beyond Entra ID, Rivery’s API offers a solution. It allows you to automate tasks such as inviting users, managing teams, resetting passwords, and accessing permissions. When combined with the Environments management API, you can seamlessly scale your processes with complete automation.
Check out the documentation below for more information:
Minimize the firefighting. Maximize ROI on pipelines.
