Microsoft Entra ID (Azure AD)

This article explains how you can integrate Timus with Microsoft Entra ID to enable users to sign in to your corporate network using their Microsoft Entra ID( Azure AD) account credentials.

By creating an app registration for Timus on Microsoft Entra ID, you can integrate all your Microsoft Entra ID users with Timus quickly and start monitoring and controlling user logs through Timus Manager. 

You can always sign in with one of your company's Office 365 accounts at any time to access the Microsoft Entra ID management portal.

Follow the steps below to register Timus Manager with Microsoft Entra ID: 

  • Click on Microsoft Entra ID under the heading Microsoft Entra ID Services on the Homepage or select Microsoft Entra ID from the left Portal Menu of the Microsoft Entra ID Portal. 

  • Select App Registrations from the menu on the left of the open page. Click + New registration.

  • Enter a user-facing display name for Timus apps. 

  • Choose the most suitable option for your account from first three supported account types:

  • Accounts in this organizational directory only (Default Directory only - Single tenant)

  • Accounts in any organizational directory (Any Microsoft Entra ID directory - Multitenant)

  • Accounts in any organizational directory (Any Microsoft Entra ID directory - Multitenant) and personal Microsoft accounts (e.g., Skype, Xbox)

  • For Redirect URL, choose a platform. In Timus's case, it would be the Web option. After that, enter this link:

  • Click the Register button. 

  • After you click the register button, you have successfully created a new application on Microsoft Entra ID. 

  • The opened page displays on the screen with Tenant ID and Client ID, which you need to enter the Microsoft Entra ID Configuration screen on Timus Manager. 

  • For Client Secret, you see Certificates and Secrets at the far left of the Timus page on the Microsoft Entra ID portal. 

  • Please click on it and go to this Certificates and Secrets page.

  • On this page, click on + New Client Secret.

  • The Add a Client Secret popup is on the screen.

  • Enter a name for the new client secret you are about to create here. Choose an expiration date, which is recommended to be 730 days (24 months) by us.

Microsoft Entra ID does not allow you to create a client secret more than 730 days (24 months), so that you are going to have to renew your client secret after two years.

The maximum duration of the client secret on Microsoft Entra ID is two years even if you choose custom expire date as shown in the image below:

  • Click Add.

  • After clicking Add, you will see Client Secret Value on the page.

Client secret values cannot be viewed, except for immediately after creation. Be sure to copy and save the secret when created before leaving the page.

Do not forget to grant API permissions before exiting the Microsoft Entra ID dashboard:

  • Click App Registrations from the shortcut list on the left of the Dashboard.

  • Click on the app you created for Timus on the page.

  • Click on API Permissions that you will view on the left of the page that opens.

  • Select Application Permissions.

  • Click User from the list under the Select Permissions heading and check User.Read.All.

  • Then, click Group from the list and check Group.Read.All.

  • Click the Add Permissions button.

  • Grant Admin Consent for Default Directory from the same screen for your added API permissions.

  • Go to Timus Manager> Settings> Integrations> Microsoft Entra ID> Enable screen.

  • Copy and Paste Tenant ID, Client ID, and Client Secret Value you have created into the empty fields on the Microsoft Entra ID Integration screen. 

  • Click  Confirm.

In the Microsoft Entra ID Integration window, you will see the two tabs, Preferences and Configuration.

  • Enable Synchronization ON from the Preferences.

  • Under Mapping, Choose the Microsoft Entra ID groups you want to synchronize. Users in the groups you choose will be added to the Microsoft Entra ID Users team on Timus.

  • Click Confirm.

  • You can change your Microsoft Entra ID credentials from the Configuration page.

  • You can disable the integration with the Disable Integration button from the Integrations page.

You have integrated your Timus and Microsoft Entra ID Users.

The synchronization process may require up to 30 minutes, but it could potentially take longer.

The duration of the synchronization depends on the amount of information you are synchronizing from the Microsoft Entra ID.

Last updated