Breadcrumbs

Aidn

Aidn is a digital platform for health and care services. With the eADM integration, your municipality can provision users and groups to Aidn automatically from eADM — using the same SCIM mechanism Aidn supports for Entra ID, but with eADM as the source system.

When users are added, updated, or removed from the eADM export scope, Aidn is updated accordingly. Groups exported from eADM can be used for automated access management in Aidn when configured on the Aidn side.

Read more about Aidn at aidn.no.

What you need before Identum can configure eADM

Step 1: Generate SCIM credentials in Aidn

Follow Aidn's administrator guide for Entra setup, but only complete the Aidn admin steps — not the Entra provisioning steps.

Guide: Oppsett av Entra ID for administratorer

  1. Log in to Aidn as system administrator.

  2. Go to Administrasjon → AD integration (Entra ID integration).

  3. Copy the SCIM-endepunkt-URL (tenant URL).

  4. Generate a token. Copy it immediately — it is shown only once.

Send both values to your Identum contact through a secure password-sharing service.

Step 2: Tell us about your current setup

Please confirm:

Question

Why we need it

Do you already provision users from Entra ID to Aidn?

Existing Entra SCIM must be disabled before eADM takes over

Do you have existing users in Aidn?

Affects how we match users on first export

Which Aidn access groups do you need?

Drives eADM group and ruleset design

eADM imports fødselsnummer/D-nummer from your HR source and sends it to Aidn as personIdentifier. You do not need to supply or maintain this separately.

Step 3: Define your Aidn access groups

Aidn recommends a clear group model for automated access. Read:

Sette opp automatisk håndtering av tilgang i Aidn via Entra-grupper

Difference with eADM: Groups are not managed in Entra ID. They are created and maintained in eADM using eADM rulesets and permissions.

You should:

  1. Define which Aidn roles and arbeidssteder each group should grant.

  2. Agree on group names (Aidn recommends AIDN - <sted> - <rolle>).

  3. Decide who builds the eADM rules: you, your partner, or Identum.

One group = one access package in Aidn (same role, same sted, same tilleggsrettigheter).

What Identum configures in eADM

After we receive your SCIM URL and token, we:

  1. Add the Aidn sync step to your eADM sync cycle.

  2. Configure permissions so the right employees are in scope.

  3. Create export groups (if you use group-based access).

  4. Set up user and group export templates.

  5. Run a test export and share the results for your review.

  6. Activate the integration on an agreed date.

You do not need to create an Entra Enterprise Application for Aidn provisioning when using eADM.

What happens after go-live

Users

New users synced to Aidn appear in Ventende (pending). An Aidn administrator must assign roles before the user becomes active — unless group-based automatic access covers them.

Users removed from the eADM export scope are deactivated in Aidn. You do not need to manually offboard in both systems.

Groups (if used)

Exported groups appear under TilgangsgrupperEksterne grupper in Aidn.

Your Aidn administrator must:

  1. Open each group → Sett opp gruppe

  2. Select rolle, arbeidssted, and any tilleggsrettigheter

  3. Enable Automatisk tilgang

See the Aidn guide linked in Step 3 for details.

HelseID linking

After access is granted, each user must log in once with Entra and complete HelseID linking in Aidn. This is an Aidn requirement, not an eADM step.

Optional: create export groups yourself

If you prefer to create Aidn export groups in eADM:

Field

Guideline

Description

Human-readable name — becomes displayName in Aidn. Use Aidn naming convention.

SourceID / Name

Stable technical id, e.g. AIDN-Voss-sykepleier

Parent (Underlagt)

Must be aidn — used by export rules

Notify your Identum contact when groups are ready so we can connect rulesets and export templates.

Information to send Identum

  • SCIM-endepunkt-URL from Aidn
  • Token from Aidn (secure channel)
  • Confirmation whether Entra → Aidn SCIM is in use today
  • List of Aidn access groups needed (names + intended roles/steder)
  • Preferred go-live date

Support boundaries

Identum supports the eADM → Aidn data sync (users, groups, membership).

Identum does not provide end-user support for the Aidn application, Aidn role configuration, or HelseID linking. Contact Aidn support for Aidn-specific issues.

FAQ

Can we keep Entra SCIM and eADM at the same time?
No. Only one SCIM source should provision to Aidn.

Do we manage groups in Entra?
No. With eADM, groups and membership rules live in eADM.

What if we only need user sync, not groups?
Possible. Users can be synced without group export; roles are then assigned manually in Aidn.

What user data is sent?
Standard export includes name, username (UPN), work email, and fødselsnummer/D-nummer (personIdentifier) from your HR source. Phone and address fields can also be mapped if needed.

Last updated: