uslimato
|

Microsoft Entra ID

Microsoft Entra ID Integration

The Microsoft Entra ID integration synchronizes users from your Azure Active Directory / Entra ID tenant with Uslimato. This keeps your user data up to date automatically, without manual maintenance.

Prerequisites

  • Interface Hub must be enabled in your plan (Professional or Enterprise)
  • An Azure App Registration with the following API permissions:
    • User.Read.All (Application permission, admin consent required)
  • The App Registration requires:
    • Tenant ID (Directory ID)
    • Client ID (Application ID)
    • Client Secret

Setting Up the Azure App Registration

  1. Navigate to portal.azure.com > Microsoft Entra ID > App registrations
  2. Click New registration
  3. Name: e.g. "Uslimato Integration"
  4. Supported account types: "Accounts in this organizational directory only"
  5. Click Register
  6. Note the Application (client) ID and Directory (tenant) ID
  7. Under Certificates & secrets > New client secret
  8. Note the Value (displayed only once)
  9. Under API permissions > Add a permission > Microsoft Graph:
    • Application permissions: User.Read.All
  10. Click Grant admin consent

Configuring the Connector

  1. Navigate to Integrations in the sidebar
  2. Click Configure on the "Microsoft Entra ID" tile
  3. Enter your Azure Tenant ID, Client ID, and Client Secret
  4. Optional: Choose the Sync Scope (Users or Users and Groups)
  5. Set the Sync interval (depends on your plan)
  6. Click Create
  7. Use Test connection to verify the configuration

Synchronization

What Gets Synchronized?

Entra ID FieldUslimato FieldDescription
displayNameDisplay nameUser display name
mail / userPrincipalNameEmailEmail address (matching key)
accountEnabledActive statusActive/inactive status

Matching Logic

  • Primary key: Email address (mail or userPrincipalName)
  • New users are created as asset users (role: viewer, no HGE ID account)
  • Existing users are updated (display name, active status)
  • Disabled Entra users (accountEnabled: false) are deactivated in Uslimato
  • HGE ID linkage: If an HGE ID account with the same email already exists, the linkage is preserved

Manual Sync

Click Sync now on the integration tile to trigger an immediate synchronization.

Automatic Sync

When the integration is enabled, Uslimato synchronizes automatically at the configured interval. The minimum interval depends on your plan:

PlanMinimum Interval
Professional60 minutes
Enterprise30 minutes

Webhook Notifications

For real-time updates, you can enable Microsoft Graph Change Notifications. This notifies Uslimato immediately when users are created, modified, or deleted in Entra ID.

Sync Log

Under Sync log you can view the history of all synchronizations, including:

  • Number of processed, created, updated, and failed records
  • Status (Success, Partial, Failed)
  • Error details for any issues

Security

  • Credentials (Client Secret) are stored encrypted and protected with industry-standard encryption
  • Credentials are never exposed in API responses or logs
  • Connection uses a secure server-to-server connection
  • All sync operations are recorded in the audit log