Skip to content
  • There are no suggestions because the search field is empty.

Setting up User Management

This article explains how to manage AskCody users through Entra ID (SCIM) and when to invite users during rollout.

Automatic user management with Microsoft Entra ID (SCIM)

AskCody supports automatic user management through Microsoft Entra ID using SCIM provisioning. This means that:

  • Users and groups you include in your Entra ID provisioning scope are automatically created in AskCody

  • Role memberships in AskCody follow the groups you provision from Entra ID

  • Updates to users, groups, and access are handled automatically going forward

For the full setup steps, follow this guide:
Set up automatic user management with Microsoft Entra ID

Below you’ll find the key recommendations to keep in mind during rollout.

Start small, then expand
With SCIM you don’t need to provision everyone at once. Begin with a limited scope (your project team), validate the setup, and expand scope at go-live.

The three steps in the user management process:

1. Inviting the Project team

As we explained in Step 3 - Inviting your project team, it is important to start with a small set of stakeholders when implementing a platform like AskCody.

We recommend inviting the project team first and giving them access early so they can test the setup, validate booking and service flows, and help shape the adoption plan. At this stage, you typically don’t want the full organization provisioned yet.

Why start with the project team?

Inviting the project team first ensures you can test and adjust the AskCody setup before the rest of the organization gets access. This helps avoid confusion and supports a smooth go-live.

2. Inviting the rest of the organization to the AskCody Platform

The next step in the user management process happens right before AskCody go-live in your organization. This is where you expand the Entra ID provisioning scope to include:

  • users who need access to AskCody Web Portals (reception/front desk, service/hospitality teams, facility managers, etc.)

  • users who need access to the Outlook Add-ins

Once the scope is expanded, users will be provisioned automatically and receive access according to the roles their Entra ID groups are mapped to in AskCody.

Align timing with adoption
Expand the provisioning scope only when communication and training are ready, so users understand what AskCody is and how to use it from day one.

Define user groups for AskCody roles

Before expanding provisioning to the full organization, decide which Entra ID groups should represent AskCody roles. You can either use existing Entra ID groups, or create new groups specifically for AskCody.

With SCIM provisioning, there is no need to replicate your entire Entra ID structure into AskCody. Since only groups added to the provisioning scope will be synced, you should limit the scope to groups that require access. This approach ensures that AskCody user management remains simple and predictable.

Recommended AskCody-Specific Groups

Even if you use broader Entra ID groups, it is still a good idea to create a few AskCody-specific groups for key roles. This gives you clear control over access and makes long-term administration easier.

Below is an example of common groups and what they typically map to in AskCody (your setup may vary. Click here to learn about all roles):

User Groups (Entra ID)

 AskCody Roles
Owners
The users who should have access
to the whole Platform		 Owner role, Add-in user
Facility Managers Resource Administrator, Dashboard Administrator, Display Administrator, Insights Portal User, Add-in User
Service teams/Hospitality team Administrators Services Administrator, (Add-in User)
Service teams/Hospitality team Services Portal Users, (Add-in User)
Receptionists/Front desk Visitors Administrator, Add-in User
Secretaries, PAs, meeting coordinators Add-in User, Add-in User Delegated Access, Search Specific Room
Add-in Users
Bookings Add-in, Visitors Add-in, Services Add-in		 Add-in User


Owners group
We always recommend having a dedicated Owners group in Entra ID. Add the organization’s AskCody Owners here (often IT or platform admins). This makes it easy to manage users who need full access to AskCody without mixing Owners into other role groups.

3. Start (or resume) provisioning

Once your groups are defined and scoped correctly, you can start or resume SCIM provisioning in Entra ID.

From that point on:

  • new users in scoped groups are automatically created in AskCody

  • users removed from scoped groups automatically lose access

  • role memberships always reflect your Entra ID group structure

Managing internal vs. external users

AskCody supports both internal employees and external users such as consultants, vendors, or temporary staff. How you manage them depends on who they are and how you want to control access.

Internal vs. external users

  • Internal employee? → Provision via Entra ID (SCIM)

  • External user? → Either provision via Entra ID or create manually in AskCody

Internal users (employees)

For internal users (meaning people who are part of your organization and already exist in Microsoft Entra ID) we strongly recommend managing them through Entra ID SCIM provisioning.

This ensures that access, roles, and user lifecycle (joiners, movers, leavers) are handled automatically and stay aligned with your organization’s identity management.

External users (non-employees)

For external users who are not part of your internal Entra ID directory, you have two valid options:

Option A: Manage externals through Entra ID
If you want the same automated lifecycle as employees, you can create accounts for external users in Entra ID and include them in the SCIM provisioning scope.

This is usually the best choice when:

  • externals need ongoing or repeated access

  • you want centralized access control in IT

  • the external users should follow the same role/group rules as employees

Option B: Create and manage externals manually in AskCody
If external users are only invited occasionally, or you don’t want to manage them in Entra ID, you can create them manually in AskCody. This works well when:

  • they use a different email domain

  • access is temporary or ad-hoc

  • your IT policy doesn’t allow external accounts in Entra ID

Implementation Checklist (recommended rollout order)

Use this checklist to roll out AskCody access in a controlled way:

  • Set up SCIM provisioning in Entra ID
    Follow the full guide here:
    https://help.askcody.com/set-up-automatic-user-management-with-microsoft-entra-id

  • Decide who should be provisioned (internal vs. external)
    Internal employees should be managed through Entra ID. External users can be managed via Entra ID or created manually in AskCody.

  • Create or confirm Entra ID groups for AskCody roles
    Decide which groups should map to AskCody roles (Owners, Services Admins, Reception, Add-in users, etc.).

  • Add only the project team to the provisioning scope
    Start small so the project team can test bookings, services, and visitors before go-live.

  • Validate roles and meeting flows in AskCody
    Confirm correct access, room booking rules, service request flow, and visitor handling.

  • Prepare adoption communication and training
    Make sure end-user guidance is ready before broad access is enabled.

  • Expand provisioning scope at go-live
    Add the remaining relevant groups so operational teams and end-users get access at the right time.

  • Let Entra ID handle ongoing user lifecycle
    After go-live, user access and roles stay automatically updated through SCIM provisioning.