At a high level there are a few simple steps to implement directory sync

Preparation

To prepare for directory sync setup:

• Ensure that single sign-on (SSO) is turned on for the domain you plan to sync from.

• Determine whether your directory is stored on premises or with an identity provider. For more information, see Directory environments.

• Identify an admin with permission to install and run the Active Directory Agent on their local network (for on premises) or access to the connecting identity provider (for SCIM).

Set up

To set up directory sync, begin by selecting the directory environment in the team settings. The process is different depending on the environment you choose.

On-premises

For an on-premises connection, you will be prompted to select an admin who will set up the directory sync connection. Autodesk partners with Okta to manage directory sync for on-premises environments. The selected admin will receive an email to activate an Okta account. After signing in, the admin can download and install Okta AD Agent to complete user provisioning. For detailed instructions, see On-premises setup with Okta AD Agent.

SCIM

To use a SCIM connection, you will need to select an Okta SCIM or Azure SCIM directory environment, depending on the identity provider your organization uses. For detailed setup instructions, see Azure SCIM setup and Okta SCIM setup.

Select settings

Next you will determine settings for user management, such as sync timing, auto-confirmation, auto-activation, and import type. As with setup, the process differs depending on the directory environment.

Turn on and verify

Once you’ve completed setup and updated the settings, you can turn on directory sync. Once the sync is complete, you can verify that the user list was imported correctly in Autodesk Account under User Management > By User.

Set Up directory sync

User Provisioning with on-premises active directory

For the user provisioning with On-Premises AD, the admin will recieve an email to sign in to Okta to initiate setting up directory sync. After signing in, the admin can download and install the Okta AD Agent to complete user provisioning with On-premises AD. The installation process can be initiated from the Okta's web portal. The key steps are provided here. Also, the detailed instructions are available on the okta documentation.

User Provisioning with identity provider

For user provisioning services which uses a SCIM service on your identity provider, it allows automatic account provisioning with the help of the pre-configured app. The SCIM provisioning setup will vary based on the IdP you use. We have outlined the procedure for Azure AD and Okta.

Configure directory sync

Using the Directory Sync User Management interface, you can configure the attributes to build the user profile and import groups into directory.

For user provisioning services that use a SCIM on Azure AD and Okta, the SCIM endpoint and Authorization token are available on the directory sync setup page, under the respective directory environment.

Refer to the following section on how to access the SCIM details in order to test the connection in the IDP.

To access SCIM endpoint and the secret token

1. In the Autodesk Account, go to User management on the left navigation bar and select the By Groups tab.
2. Click directory sync button on the right side panel.
3. Select the directory environment to view the SCIM details and enable the Sync.
4. Note down the SCIM endpoint and the secret token.

Also, other settings such as Sync schedule frequency, Auto-confirm/Auto-activate users, Life-cycle (Deactivate/Activate) can also be configured in your IDP settings.

Turn on and Verify

Enable the Sync for On-premises and SCIM connections as described in the respective setup guide.

Complete the directory integration by viewing the results in the Autodesk Account once the synchronization is completed.