Appterix
Menu
Skip to main content
How can we help?
Table of Contents
<All topics
Print

Microsoft Entra ID integration

By integrating the EM Platform Server with Microsoft Entra ID, users, organizational units, and computers can be synchronized from Microsoft Entra ID. Furthermore, synchronized users can securely log in to the EM Platform Server with their Microsoft accounts using single sign-on (SSO).

This article provides detailed instructions for configuring and managing the Microsoft Entra ID integration.

Integrate EM Platform Server with Microsoft Entra ID

Procedure

Step 1: Register an application in the Microsoft Entra tenant

Step 2: Grant permissions for the Microsoft Entra application

Step 3: Generate a client secret for the Microsoft Entra application

Step 4: Connect EM Platform Server with Microsoft Entra ID

Step 1: Register an application in the Microsoft Entra tenant

Register a Microsoft Entra application that will be used to connect between the EM Platform Server and the Microsoft Entra ID.

How to register an application

– Open Microsoft Azure Portal

– Navigate to Microsoft Access ID > App registrations.

– Register your application:

– Click New registration.

– Enter the required registration information for your application.

– Click Register.

The Application ID (client) and the pioneering  Directory ID (client) will be on the page Overview The values ​​are displayed. Copy these values, as they will be needed in step 4.


Step 2: Grant permissions for the Microsoft Entra application

Grant the Microsoft Entra application the necessary API permissions so that it can access defined data in Microsoft Entra ID.

How to grant permissions

– Select your application in Microsoft Entra ID.

– In the left-hand menu of the Microsoft Entra application, navigate to API permissions.

– Click Add permission.

– Add the following API permissions:

Directory.Read.All

Group.Read.All

User.Read.All

UserAuthenticationMethod.ReadWrite.All

– Click Grant administrator approval for…, to grant permission for the application. Microsoft Entra ID was successfully configured.


Step 3: Generate a client secret for the Microsoft Entra application

Generate a client secret to authenticate the application during integration.

How to generate a client secret

– In the left-hand menu of the Microsoft Entra application, navigate to Certificates & Secrets > Client secrets.

– Click New client secret.

– After creation, copy the value of the client secret, as this will be needed in step 4.

Step 4: Connect the EM Platform Server to the Microsoft Entra ID

After all configuration steps in Microsoft Entra ID are completed, configure the Microsoft Entra ID connector to connect EM Platform Server to Microsoft Entra ID.

How to connect EM Platform Server to Microsoft Entra ID

– In the EMPlatform UI, select your organization if you have multiple organizations.

– Navigate to Settings > Integrations.

– Click Add connector.

- Choose Microsoft Access ID from the list of available connectors, and click on Continue.

– Enter under Connector details Enter the name and (optionally) the description.

– Click Continue.

– Enter under Connection settings Enter the values ​​you received from Microsoft Entra ID:

 Application ID (client) 

Directory ID (client)

 Secret Key 

– Click Save.



The authentication settings are generated automatically and can be found under authentication saved. These will be needed later for activating SSO with Entra ID.

Next Steps

– Configure synchronization rules to synchronize users, organizational units, and computers with EM Platform Server.

– Enable SSO so that synchronized users can log in to the EM Platform Server with their Entra ID credentials.

Synchronizing Microsoft Entra ID users with EM Platform Server

This article describes how to configure synchronization rules for Microsoft Entra ID users.

Requirements

– Before configuring the synchronization rules, make sure you have integrated EM Platform Server with Microsoft Entra ID.

Here's how to configure synchronization rules:

– Navigate to Settings > Integrations.

– Select the Microsoft Entra ID connector.

- Choose Configuration settings > Synchronization configuration.

– Activate Synchronization configuration, and set the following options:

– (Optional) Activate Filter, and then click Connect, to retrieve available filters.

– Select the desired administrative units and groups.

– Choose from User ID, how users are identified.

– (Optional) Activate Automatically activate new users, to automatically synchronize newly synchronized users Active to set. If this option is disabled, imported users will receive the status Imported and must be invited.

– (Optional) Activate Timetable, in order to schedule an automatic synchronization.

– Set the synchronization frequency.

– Click Save.

After successful synchronization, imported users will appear in the area User with the marking Microsoft Access ID The synchronization status is displayed. Synchronized updated.

Next Step

– If you want to allow synchronized users to log in to EM Platform Server with their Microsoft accounts, you need to configure the SSO option.

Enable login to EM Platform Server using Entra ID login credentials

This article describes how to configure the SSO feature so that users synchronized from Microsoft Entra ID can securely log in to EM Platform Server with their Microsoft accounts.

Requirements

Before configuring authentication with Entra ID credentials, make sure that you:

– EM Platform Server integrated with Microsoft Entra ID.

– Users have synchronized from Microsoft Entra ID with EM Platform Server.

Procedure

Step 1: Activate SSO with Microsoft Entra ID

Step 2: Add redirect URIs to the Microsoft Entra application

Step 1: Activate SSO with Microsoft Entra ID

How to activate SSO

– Navigate to Settings > Integrations.

– Select the Microsoft Entra ID connector.

- Choose Configuration settings > authentication.

– Activate Enable Single Sign-On (SSO) with Entra ID.

– (Optional) If you need to support multi-tenant authentication, enable Configure login credentials for SSO, and enter Application ID (client) and Directory ID (client) .

– Click Save.


Step 2: Add redirect URIs to the Microsoft Entra application

To complete the SSO configuration, you need to add the required redirect URIs to Microsoft Entra ID.

– Open the Microsoft Azure portal

– Select your application.

– In the left-hand menu of the Microsoft Entra application, navigate to authentication.

– Add the redirect URIs ( Callback path and Disabled callback path (Front-Channel opt-out) added.

– Click Save.

Synchronized users can now log in directly to the EM Platform Server using their Entra ID login credentials.

Published
Updated
FromEgoMind