Microsoft Entra Integration (SAML)

Microsoft Entra SSO integration with TrustWorks simplifies user management and gives your users a seamless application access experience. By leveraging Microsoft Entra's SAML integration, you can streamline user access and data protection across your organisation, enhancing security and compliance with privacy regulations.

Prerequisites

  • An active Microsoft Entra account with administrator access.
  • TrustWorks account with administrator access.

Microsoft Entra Configuration

Add TrustWorks application

To add an enterprise application to your tenant:

  1. Sign in to the Microsoft Entra admin center as at least a Cloud Application Administrator.
  2. Browse to Identity > Applications > Enterprise applications > All applications.
  3. In the Add from the gallery section, type TrustWorks in the search box.

  4. Select TrustWorks from the results panel and then add (create) the app. Wait a few seconds while the app is added to your tenant.


Configure Single Sign-On

  1. Navigate to TrustWorks > Single sign-on.
  2. Select SAML as your single sign-on method.
  3. Save single sign-on settings and refresh the page. The Reply URL information will be set automatically by Microsoft using the following URL:

    https://api.trustworks.io/v1.0/saml/microsoft_entra_id/callback

  4. Copy the following details for integration with TrustWorks:
    • x.509 Certificate: The certificate used to verify the SSO response signature. The certificate content should be enclosed between the "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" statements.
    • Login URL: The URL where users will be redirected for authentication.
    • Microsoft Entra ID Identifier: The unique identifier for your Microsoft Entra instance.


Assign Users and Groups

  • In your application's settings, navigate to "Users and groups."
  • Add the users or groups that will have access to TrustWorks through Microsoft Entra SSO.

Integration Setup Instructions

Configuring the integration in TrustWorks

  1. Navigate to Settings > Integrations.
  2. Click the + New Integration button.
  3. Select Microsoft Entra from the list of integration types.
  4. Give the integration a descriptive name for easy identification.
  5. Choose the authentication method as SAML.
  6. Select Default Roles: Specify the default roles to be assigned to new users (Member and/or Admin) created through this integration. If left empty, a new user will be created with both roles in TrustWorks.
  7. Allow only Entra ID access: Toggle On/Off. Enable this option if you want to disable TrustWorks email/password login and only allow access through Microsoft Entra SSO.
  8. Identity Provider (IdP) Configuration
    • Fill out the following IdP details:
      • Identity Provider (IdP) Login URL
      • x.509 Certificate
      • Microsoft Entra ID Identifier
  9. Test Connection
    • After providing the required IdP details, press the "Test Connection" button to verify the integration's functionality.
    • If the details entered are correct and the test is successful, save the integration.
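
A pre-flight check you can run on the three IdP values before pasting them into TrustWorks and pressing "Test Connection". This is an added example, not TrustWorks or Microsoft code. The function name `check_idp_values` is hypothetical, the URL formats are assumed to be those of the Entra global cloud, and the sample tenant GUID and certificate bytes are constructed.

```python
import base64, hashlib, re
from urllib.parse import urlparse

PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----\s+(.+?)\s+-----END CERTIFICATE-----", re.S)
GUID = r"[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}"

def check_idp_values(login_url, identifier, cert_pem):
    """Return (problems, sha1_thumbprint) for the three values copied from Entra."""
    problems, thumbprint = [], None
    # Assumption: global-cloud URL formats; sovereign clouds use other hosts.
    login = urlparse(login_url.strip())
    m_login = re.fullmatch(rf"/({GUID})/saml2", login.path)
    if login.scheme != "https" or login.hostname != "login.microsoftonline.com" or not m_login:
        problems.append("Login URL is not https://login.microsoftonline.com/<tenant>/saml2")
    m_id = re.fullmatch(rf"https://sts\.windows\.net/({GUID})/", identifier.strip())
    if not m_id:
        problems.append("Identifier is not https://sts.windows.net/<tenant>/")
    # Both values must name the same tenant, or the certificate is for another IdP.
    if m_login and m_id and m_login.group(1).lower() != m_id.group(1).lower():
        problems.append("Login URL and Identifier name different tenants")
    blocks = PEM_RE.findall(cert_pem)
    if len(blocks) != 1:
        problems.append(f"expected exactly one PEM certificate block, found {len(blocks)}")
    else:
        try:
            der = base64.b64decode("".join(blocks[0].split()), validate=True)
        except ValueError:  # binascii.Error is a ValueError subclass
            der = b""
        if not der.startswith(b"\x30"):  # X.509 DER begins with an ASN.1 SEQUENCE
            problems.append("certificate body is not base64-encoded DER")
        else:
            # SHA-1 here is an identifier to compare with the thumbprint Entra
            # lists for the signing certificate (assumed SHA-1), not a security hash.
            thumbprint = hashlib.sha1(der).hexdigest().upper()
    return problems, thumbprint

# Constructed sample values (tenant GUID and certificate bytes are made up).
TENANT = "11111111-2222-3333-4444-555555555555"
SAMPLE_DER = b"\x30\x82\x00\x04demo"  # placeholder bytes, not a real certificate
SAMPLE_PEM = ("-----BEGIN CERTIFICATE-----\n"
              + base64.encodebytes(SAMPLE_DER).decode()
              + "-----END CERTIFICATE-----\n")

if __name__ == "__main__":
    print(check_idp_values(f"https://login.microsoftonline.com/{TENANT}/saml2",
                           f"https://sts.windows.net/{TENANT}/", SAMPLE_PEM))
```

An empty problem list means the values are consistent with each other; record the returned thumbprint so a later signing-certificate change on the Entra side is noticed.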

Accessing TrustWorks through Microsoft My Apps

Once a user has been assigned to the TrustWorks application in Microsoft Entra, they can access TrustWorks from Microsoft My Apps:

https://myapps.microsoft.com/

If the integration has been configured correctly in TrustWorks, the user can click the TrustWorks application from Microsoft My Apps and will be redirected to the TrustWorks platform.
