Microsoft Entra

From Planfix
Jump to: navigation, search

Integration with Microsoft Entra allows your company's employees to log in to Planfix and other services using a single password (Single Sign-On, or SSO). This increases convenience and security, and simplifies user account management.

Supported Features

  • IdP-initiated login (SSO)
  • SP-initiated login
  • Just-In-Time (JIT) user creation
  • SCIM Provisioning

SCIM Provisioning Features

  • User creation
  • User data update
  • User deactivation
  • User import

Setup Steps

Steps in Planfix

  • Go to Account management — Integrations — Single Sign-On.
  • Activate the integration with Microsoft Entra.

Steps in Microsoft Entra

  • Create an Enterprise Application
    • Open the Microsoft Entra console with an administrator account.
    • Go to Applications — Enterprise applications.
    • Click + New application — + Create your own application.
    • Set a name, for example: Planfix Entra.
    • In the assignment section, select: 
      Integrate any other application you don’t find in the gallery (Non-gallery)
    • After creating the application, open its card.
  • Configure SAML SSO
    • In the application menu, open Single sign-on and select the SAML method.
    • In the Basic SAML Configuration block, specify the following data:
Field Value
Identifier (Entity ID) https://{account_planfix_url}/saml2/service-provider-metadata/entra
Reply URL (Assertion Consumer Service URL) https://{account_planfix_url}/saml2/sso/entra
  • Save the settings.

Steps in Planfix

  • Return to Integrations — Single Sign-On.
  • In the Metadata URI field, enter the App Federation Metadata Url copied from the Entra application settings.
  • Save the changes.

Assigning Users

  • In the application settings, open the Users and groups section.
  • Add users or groups who need access to Planfix via SSO.

Testing

  • In the Single sign-on section of the application in Entra, click the Test button.
  • Make sure that redirection and authorization via Planfix work correctly.

SCIM Provisioning Setup

  • In the Entra application, go to Provisioning — Provisioning.
  • In the Provisioning Mode field, select Automatic.
  • In the Admin Credentials section, specify:
Field Value
Authentication Method Bearer Authentication
Tenant URL SCIM URL from Planfix settings
Secret Token SCIM Token from Planfix settings
  • Click Test Connection to check the connection.
  • Go to the Mappings section and disable the Provision Microsoft Entra ID Groups option.
  • Save the changes.

Final Integration Check

Make sure all points are completed:

  • SSO integration with Microsoft Entra is activated in Planfix.
  • An Enterprise Application is created in Entra and SAML SSO is configured correctly.
  • The Metadata URI value from the Entra application is specified in Planfix.
  • Users (or groups) are assigned to the application in Entra.
  • A successful authorization test (Test) has been performed in Entra and login via Planfix works.
  • SCIM Provisioning is set up, connection tested (Test Connection).
  • Automatic group creation in SCIM Mappings is disabled (Provision Microsoft Entra ID Groups).
  • Users are correctly created or updated in Planfix via SCIM.


Go To

Retrieved from "http://planfix.com/help/index.php?title=Microsoft_Entra&oldid=26712"