Set up Microsoft Entra connector
This article describes how to set up the connector for Microsoft Entra, which is a cloud-based identity and access management service that enables employees to access external resources. The connector acts as middleware between Entra ID and Identity Manager: it exposes a SCIM API that Identity Manager connects to as a datapool, and users are managed as core object templates.
<SMARTIDHOME>
In this article, <SMARTIDHOME> refers to /home/nexus, but this can be different depending on the setup.
Prerequisites
The IDM version needs to be 5.0.0 as a minimum.
Read the official documentation regarding how to authenticate and other important topics here.
Step-by-step instruction
Set up Microsoft Entra
Authentication
The Entra ID Connector supports two types of authentication to the Graph API: client secret or certificate.
Configure the Entra ID Connector in config/entra-id.yaml. You can configure host, security, and authentication in the configuration file.
Docker
Open the environment file <SMARTIDHOME>/compose/smartid.env for editing.
Set the properties for the following three variables to fit your deployment:
PRIME_CONNECTORS_VERSION=2408.0.0
## - Entra ID Connector properties
ENTRA_ID_CONNECTOR_PORT=8083
ENTRA_ID_REQUEST_INTERCEPTOR_ENABLED=false
ENTRA_ID_CONNECTOR_CLIENT_ID=
# client secret authentication setting
ENTRA_ID_CONNECTOR_CLIENT_SECRET=
# cert authentication settings
ENTRA_ID_CONNECTOR_CERTIFICATE_PATH=classpath:certs/
ENTRA_ID_CONNECTOR_CERTIFICATE_PASSWORD=
ENTRA_ID_CONNECTOR_ENCRYPTION_KEY=
ENTRA_ID_CONNECTOR_ENCRYPTION_SALT=
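The following check is an added example, not part of the product or its documentation: a shell function that reads smartid.env and reports which of the two authentication types is filled in. It assumes that exactly one of them should be set, that ENTRA_ID_CONNECTOR_CLIENT_ID is needed for both, and that the file should be readable by its owner only; the function names env_value and check_entra_env are hypothetical.

```shell
# Added example: sanity-check the Entra ID Connector settings in smartid.env.
# Prints the auth mode (secret, certificate, both, none); non-zero on findings.

# Value of KEY ($2) in FILE ($1); last assignment wins, comment lines are skipped.
env_value() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 | tr -d '\r'
}

check_entra_env() {
    file=$1
    [ -r "$file" ] || { echo "error: cannot read $file" >&2; return 2; }
    rc=0

    # Assumption (hardening, not a product rule): the file holds a client secret
    # or certificate password, so only its owner should be able to read it.
    mode=$(stat -c '%a' "$file" 2>/dev/null || stat -f '%Lp' "$file")
    case $mode in
        *00) ;;
        *) echo "warn: $file has mode $mode, expected 600" >&2; rc=1 ;;
    esac

    # Assumption: the client ID is needed for both authentication types.
    [ -n "$(env_value "$file" ENTRA_ID_CONNECTOR_CLIENT_ID)" ] ||
        { echo "error: ENTRA_ID_CONNECTOR_CLIENT_ID is empty" >&2; rc=1; }

    secret=$(env_value "$file" ENTRA_ID_CONNECTOR_CLIENT_SECRET)
    cert=$(env_value "$file" ENTRA_ID_CONNECTOR_CERTIFICATE_PATH)
    # Assumption: a path ending in "/" (the template's classpath:certs/) is unset.
    case $cert in ''|*/) cert='' ;; esac

    # Assumption: exactly one of the two authentication types should be filled in.
    if [ -n "$secret" ] && [ -n "$cert" ]; then auth=both; rc=1
    elif [ -n "$secret" ]; then auth=secret
    elif [ -n "$cert" ]; then auth=certificate
    else auth=none; rc=1
    fi
    echo "$auth"
    return $rc
}

# Constructed sample (placeholder values only): client-secret mode.
sample=$(mktemp)
cat > "$sample" <<'EOF'
ENTRA_ID_CONNECTOR_CLIENT_ID=00000000-0000-0000-0000-000000000000
ENTRA_ID_CONNECTOR_CLIENT_SECRET=constructed-placeholder
ENTRA_ID_CONNECTOR_CERTIFICATE_PATH=classpath:certs/
EOF
check_entra_env "$sample"   # prints: secret
rm -f "$sample"
```

Run it against <SMARTIDHOME>/compose/smartid.env after editing; warnings and errors go to stderr, the detected mode to stdout.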
Tomcat (stand-alone)
Adapt the config files in the WEB-INF/classes/config folder.