Groups help admins manage access at scale by assigning permissions to a set of users at once. With Azure AD SCIM provisioning, WorkBoard can automatically sync groups so you don’t have to create and maintain them manually.
Configure SCIM
What you need:
Admin access in Azure AD
Admin access in WorkBoard
SCIM provisioning is enabled for your WorkBoard Azure AD application
Step 1: Configure SCIM provisioning in Azure AD
To set up SCIM for WorkBoard in Azure AD, follow the official step-by-step guide:
This article walks you through:
creating/configuring the Azure AD enterprise app for WorkBoard,
enabling Provisioning,
entering the SCIM endpoint and credentials,
testing the connection,
and turning provisioning on.
After provisioning is enabled, Azure AD will begin sending updates to WorkBoard during sync cycles.
Step 2: Assign groups in Azure AD
Azure AD only provisions the users and groups that are assigned to the WorkBoard application (depending on your Azure configuration and provisioning scope).
In Azure AD:
Open the WorkBoard Enterprise Application.
Go to Users and groups.
Add the groups you want to sync to WorkBoard.
Once assigned, Azure will include those groups in SCIM provisioning.
Step 3: Confirm groups in WorkBoard
In WorkBoard, go to: Admin Tools → Org Management → Groups
This is where synced groups will appear.
Step 4 (Optional): Create Teams from synced groups
Your organization can choose whether synced Azure AD groups also create Teams in WorkBoard. If enabled, each synced group can create a corresponding team that’s visible in the product. If disabled, groups still appear in Admin Tools → Groups, but Teams aren’t created from them.
Please contact your Customer Success Manager or the WorkBoard Support Team to have this setting enabled for your account.
What happens when groups change in Azure AD
Group removed from the Azure app
If a group is removed from the WorkBoard application assignment in Azure AD, the group is deleted in WorkBoard as part of the sync.
If your organization is configured to create Teams from synced groups, the corresponding Team is deactivated (so it’s no longer active but retained for history).
Group removed and added again
If a group is later added back to the WorkBoard app in Azure AD, the group is created again in WorkBoard during the next sync.
If Teams are created from synced groups, a corresponding Team is created again, while the previous Team remains deactivated.
This ensures the UI reflects the current Azure assignment state and avoids reactivating older team records automatically.