Microsoft Entra Integration (SAML)
Microsoft Entra SSO integration with TrustWorks simplifies user management and gives your users a seamless application access experience. By using Microsoft Entra's SAML integration, you can streamline user access and data protection across your organisation, enhancing security and compliance with privacy regulations.
Prerequisites
- An active Microsoft Entra account with administrator access.
- TrustWorks account with administrator access.
Microsoft Entra Configuration
Add TrustWorks application
To add an enterprise application to your tenant:
- Sign in to the Microsoft Entra admin center as at least a Cloud Application Administrator.
- Browse to Identity > Applications > Enterprise applications > All applications.
- In the Add from the gallery section, type TrustWorks in the search box.
- Select TrustWorks from the results panel and then add (create) the app. Wait a few seconds while the app is added to your tenant.
Configure Single Sign-On
- Navigate to TrustWorks > Single sign-on.
- Select SAML as your single sign-on method.
- Save single sign-on settings and refresh the page.
- Copy the following details for integration with TrustWorks:
  - X.509 Certificate: The certificate used to verify the SSO response signature. The certificate content should be enclosed between the "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" lines.
  - Login URL: The URL where users will be redirected for authentication.
  - Microsoft Entra ID Identifier: The unique identifier for your Microsoft Entra instance.
Assign Users and Groups
- In your application's settings, navigate to "Users and groups."
- Add the users or groups that will have access to TrustWorks through Microsoft Entra SSO.
Integration Setup Instructions
Configuring the integration in TrustWorks
- Navigate to Settings > Integrations.
- Click the + New Integration button.
- Select Microsoft Azure from the list of integration types.
- Give the integration a descriptive name for easy identification.
- Choose SAML as the authentication method.
- Select Default Roles: Specify the default roles (Member and/or Admin) to be assigned to new users created through this integration. If left empty, a new user will be created with both roles in TrustWorks.
- Allow only Azure access: Toggle On/Off. Enable this option to block sign-in with a TrustWorks email/password and allow access only through Microsoft Entra SSO.
- Identity Provider (IdP) Configuration
  - Fill out the following IdP details:
    - Identity Provider (IdP) Login URL
    - X.509 Certificate
    - Microsoft Entra ID Identifier
- Test Connection
  - After providing the required IdP details, press the "Test Connection" button to verify the integration's functionality.
  - If all the details entered were correct and the test was successful, you can proceed to save the integration.