Applies to
- Enterprise
Capabilities
Who can use this capability
- System Admin
Manage Smartsheet users through Azure Active Directory
Leverage Azure Active Directory (Azure AD) to provision, deprovision, and manage the profile data of users in your Smartsheet plan.
Who can use this?
Plans:
- Smartsheet
- Enterprise
Permissions:
- System Admin
Find out if this capability is included in Smartsheet Regions or Smartsheet Gov.
System Admins and an IT Administrator can set up Active Directory with Smartsheet. System Admins can manage users (provision, deprovision, change user profile information and roles) through Active Directory as long as they’re also Azure AD Administrators.
Prerequisites
- Contact your Smartsheet account representative or Smartsheet Support to enable this capability for your organization’s plan.
- Take the Azure Active Directory and Smartsheet Integration online training.
Connect Azure AD with Smartsheet
Use this SCIM URL to configure Azure Active Directory integration: https://scim.smartsheet.com/v2/
- Sign in to Smartsheet with System Admin credentials.
- In Smartsheet, generate an API token under Account > Apps and Integrations > API Access > Generate new access token. The token generated runs with your credentials—this is a password to your account. Treat it as such.
- In Azure AD, work with your IT administrator to enable the Smartsheet gallery tile with the application ID 3290e3f7-d3ac-4165-bcef-cf4874fc4270.
User list report
To download your current user list:
- Navigate to Account > Admin Center.
- Select User Management if you’re on the Legacy Collaborator Model or User Roles and Reports if you’re on the User Subscription Model.
- Select More Actions > User List. See Admin Center: Add, edit, or deactivate users for more info. Use this list to assign users the correct roles in Azure AD. This ensures all users are provisioned to your account when logging in to Smartsheet for the first time.
In this report, you can find the following fields:
- Name
- Status
- Division
- Department
- Cost Center
Division, Department, and Cost Center data populate through your Active Directory service. If data exists for these fields, it shows in the User List report. If data doesn't exist from the Directory Service, the fields are blank in the User List report.
The data in the report should automatically sync with the Directory Service, although the Directory Service determines the exact refresh rate.
Keep this in mind
After the setup, be careful when making significant changes, such as manual or scripted bulk modifications. Improperly prepared scripts may cause unintentional deprovisioning when used with the Azure Directory Integration. If you have questions or require further assistance with making significant changes, contact Support.