When you integrate your Identity Provider (IdP) with a LinkedIn application using the System for Cross-domain Identity Management (SCIM) standard, user and group data is automatically provisioned into your account.
Because IdPs and Software-as-a-Service (SaaS) applications often use different attribute names and data models, entity mapping is required. Entity mapping ensures that the user and group data in your IdP correctly translates into the LinkedIn application. For the purpose of this article, we’ll use the Sales Navigator and LinkedIn Learning applications as examples.
How entity mapping works
Entity mapping is the process of aligning attributes in your IdP, such as Okta, Azure AD, and OneLogin, with attributes used in the Sales Navigator or LinkedIn Learning application. SCIM provides the standard schemas for users and groups, and mapping defines how those SCIM fields correspond to fields in the Sales Navigator or LinkedIn Learning application.
Entity mapping ensures that your IdP remains the single source of truth for identities while the Sales Navigator or LinkedIn Learning application reflects the correct users, groups, and permissions. Without mapping, attributes might not sync correctly, leading to provisioning errors or incomplete user records.
Microsoft Azure AD mapping
The following table illustrates the SCIM attribute mapping as it relates to Microsoft Azure AD.
| SCIM attribute mapping (limited to these fields for now) | Edit Profile |
|---|---|
| externalId | Unique User ID |
| username | |
| name.givenName | First Name |
| name.familyName | Last Name |
| title | Business Title |
| urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:department | Department |
| urn:ietf:params:scim:schemas:extension:enterprise:2.0:User:manager | Manager |
| displayName | displayName - It is saved in the user profile. |
| addresses[type eq "work"].locality | officeAddresses - It is saved under office addresses and not shown in the UI. |
| emails[type eq "work"].value | emailaddresses - Saved under emailAddresses - primary email is shown in the UI. |