Syncing a PoliteMail Contact List with Azure AD Group
Syncronym® from PoliteMail is a service that connects your lists of current contacts, such as from a Human Resources Information System (HRIS) or Azure Entra ID (Entra ID), and synchronizes that data with your PoliteMail lists. This way, your PoliteMail lists stay up to date automatically, even if you are a large organization with numerous staffing changes daily.
By default, however, Syncronym® only works one-way: that is, from your source system to PoliteMail. But what if you made changes to your PoliteMail list(s) and you want to write those updates back to Entra ID? An optional feature of Syncronym® allows this! With this option implemented, Syncronym will first fetch the contacts from the specified PoliteMail list, then add or remove members from the Azure AD group accordingly.
To get started with Syncronym and writebacks to Entra ID, please contact your Customer Success Manager!
Graph API Permissions
To enable this functionality, the following Microsoft Graph API Application permissions are required:
- Group.ReadWrite.All: This permission is required to read and update group properties and memberships. It allows the script to fetch the Azure AD group ID, add or remove members from the group, and check if a user is a member of the group. Note: If you already have Graph enabled, you already have Group.Read.All; this must now also include the Write permission (Group.ReadWrite.All).
- User.Read.All: This permission is required to read user profiles. It allows the script to check if a user exists in Azure AD by querying their userPrincipalName. Note: If you already have Graph enabled, you should already have this permission set.
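A check an Entra ID administrator can run after granting consent, as an added example that is not PoliteMail's code: it compares the Microsoft Graph application permissions granted to the app with the two listed above and reports anything missing or extra. The function name, the sample GUIDs and the choice to tolerate a leftover Group.Read.All are assumptions; the inputs are the appRoles array of the Microsoft Graph service principal and the app's appRoleAssignments as Microsoft Graph returns them.

```python
# Added example: compare a service principal's granted Microsoft Graph
# application permissions with the two listed on this page.
REQUIRED = {"Group.ReadWrite.All", "User.Read.All"}
# Assumption: a leftover Group.Read.All from a read-only setup is tolerated.
TOLERATED = {"Group.Read.All"}


def audit_app_permissions(app_roles, assignments, graph_sp_id):
    """Return missing/extra Graph application permissions.

    app_roles   -- 'appRoles' array of the Microsoft Graph service principal
    assignments -- 'value' array of the app's appRoleAssignments
    graph_sp_id -- object id of the Microsoft Graph service principal
    """
    names = {r["id"].lower(): r["value"] for r in app_roles}
    granted = set()
    for a in assignments:
        if a["resourceId"].lower() != graph_sp_id.lower():
            continue  # permission on another API, out of scope here
        role_id = a["appRoleId"].lower()
        granted.add(names.get(role_id, "unknown:" + role_id))
    missing = sorted(REQUIRED - granted)
    extra = sorted(granted - REQUIRED - TOLERATED)
    return {"missing": missing, "extra": extra, "ok": not missing and not extra}


# Constructed sample data: placeholder GUIDs, not real tenant or role ids.
GRAPH_SP = "11111111-1111-1111-1111-111111111111"
APP_ROLES = [
    {"id": "aaaaaaaa-0000-0000-0000-000000000001", "value": "Group.Read.All"},
    {"id": "aaaaaaaa-0000-0000-0000-000000000002", "value": "Group.ReadWrite.All"},
    {"id": "aaaaaaaa-0000-0000-0000-000000000003", "value": "User.Read.All"},
    {"id": "aaaaaaaa-0000-0000-0000-000000000004", "value": "Directory.ReadWrite.All"},
]
ASSIGNMENTS = [  # read-only setup plus one broader grant
    {"resourceId": GRAPH_SP, "appRoleId": "AAAAAAAA-0000-0000-0000-000000000001"},
    {"resourceId": GRAPH_SP, "appRoleId": "aaaaaaaa-0000-0000-0000-000000000003"},
    {"resourceId": GRAPH_SP, "appRoleId": "aaaaaaaa-0000-0000-0000-000000000004"},
    {"resourceId": "22222222-2222-2222-2222-222222222222",
     "appRoleId": "bbbbbbbb-0000-0000-0000-000000000009"},
]

if __name__ == "__main__":
    print(audit_app_permissions(APP_ROLES, ASSIGNMENTS, GRAPH_SP))
```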
I don't want to give Write Permission!
The Write Permission is necessary to really automate the process and allow Syncronym to, er, write to Entra ID. If, however, this is an issue at your organization, we may be able to provide a process where you can do the write to Entra ID manually in-house. Please contact us for more information.