SCA Configuration - AAD groups

SecContacts.AADGroups

This setting is for defining an AZURE AD-Group as filter for AAD accounts to be used as contacts.

Instead of using the default "all in" method with some default exceptions via AADFilters, you can use AADGroups to select an AZURE AD-Group. Any AAD account which is members of this group will be selected as AAD contact. An AAD account need to have at least an displayname and a business or mobile phonenumber, otherwise gets ignored.

• Name: SecContacts.AADGroups

• Value: [{"name":"<AAD group name>", "value":"<AAD group ID>"}]

The Value property is a JSON Array of name value pairs.

Replace <AAD group name> with the name of the AAD Group

• e.g. AppMemberGroup

Replace <AAD group ID> with the Object Id of the AAD Group

• e.g. 15e3a3d2-50a6-43e3-137e-a44316d0b448

Optional properties for SecContacts.AADGroups in SCA 3.0

• Name: SecContacts.AADGroups

• Value: [{"name":"<AAD group name>", "value":"<AAD group ID>", "transitive":"true", "epHomePhone":"<ext.prop.HomePhone>", "epPrivateMobilePhone":"<ext.prop.MobilePhone>"}]

The Value is a JSON array containing one or more AAD groups. Each object in the array must include the mandatory fields:

Replace <AAD group name> with the name of the AAD Group

• e.g. AppMemberGroup

Replace <AAD group ID> with the Object Id of the AAD Group

• e.g. 15e3a3d2-50a6-43e3-137e-a44316d0b448

You may also optionally include:

• transitive: Set to "true" to include nested (transitive) group members

• epHomePhone: Replace <ext.prop.HomePhone> with the name of the extension property name that holds the home phone number of an AAD user object

• epPrivateMobilePhone: Replace <ext.prop.MobilePhone> with the name of the extension property name that holds the private mobile phone number of an AAD user object