Skip to content

Implement Customer SSO via MS Entra

Enable customer users to authenticate via their organization's Microsoft Entra (Office 365) identity provider. Initial scope is Astrata Accounting only (single-tenant customers).

  • Configure FusionAuth as OIDC relying party to MS Entra
  • Support per-customer Entra tenant configuration
  • Customer creates app registration in their Entra tenant following our instructions
  • Customer enters app registration details (tenant ID, client ID, secret) via portal UI
  • Map Entra user attributes to FusionAuth user profile
  • Link SSO identity to existing user accounts when email matches
  • Users must be pre-registered before SSO login (auto-provisioning deferred to future work)