Microsoft Entra ID (Active Directory) Integration

  • Updated on Jul 21, 2025
  • 2 minute(s) read
Prev Next

The Microsoft Entra ID (formerly Active Directory) integration will allow you to authenticate the users of your Progressive Web App or Approvals solution against your own existing Entra ID user pool. CivicPlus's Entra ID integration uses SAML 2.0.

Important Note

Configure Entra ID App

  1. To use the integration, you must have an Entra ID App configured. In the example below, we are using the Enterprise application and choosing the Integrate any other application you don't find in the gallery (Non-gallery) option. Create your own application button with the integrate any other application option selected.

Progressive Web App Instructions

  1. Sign in to your site

  2. Navigate to Apps and click Manage on your app Manage app.

  3. Navigate to the Developer Tools tab Developer Tools tab.

  4. Click the Configure SAML button under Integrate with a SAML SSO Provider Configure SAML button.

  5. Follow the SAML Configuration & Instructions SAML Configuration instructions.

    • Entra ID Setup

      1. Create a Single Sign-On application in your Entra ID

      2. Copy the Identifier (Entity ID) into your application configuration

      3. Copy the Reply URL (Assertion Consumer Service URL) into your application configuration

      4. Copy the App Federation Metadata URL from your Single Sign-On application SSO configuration.

    • App Federation Metadata Url: Enter the URL you copied from your application

    • Mapping Additional User Details: The listed claims can be added to your Single Sign-On application which will be included in the submission data

  6. Click SaveSave button.

    Note: After clicking the Save button, users will be redirected straight to your Entra ID login screen when clicking the Login button in this app.

Approvals Instructions

  1. Sign in to your site

  2. Navigate to the Approvals tab Approvals menu.

  3. Select the Approvers tab Approvers tab.

  4. Enable the Integrate with a SAML SSO Provider toggle Enable SAML toggle.

  5. Click Edit Groups to configure the groups assigned to your SAML users Edit Groups button.

    Note: Your existing groups will not carry over as SAML groups. These will need to be reconfigured if you have existing flows using the same group name.

  6. Click Add GroupAdd Group.

  7. Add a group name and enter the notification email addresses for the group Group name and email address fields.

    Note: To ensure your users have access to the correct approvals, you will need to map the configured group name to your SAML user claims.

  8. Click SaveSave Group button.

  9. Follow the SAML Configuration & Instructions for your Entra ID / Active Directory integration Active Directory fields.

    • Entra ID Setup

      1. Create a Single Sign-On application in your Entra ID

      2. Copy the Identifier (Entity ID) into your application configuration

      3. Copy the Reply URL (Assertion Consumer Service URL) into your application configuration

      4. Copy the App Federation Metadata URL from your Single Sign-On application Active Directory configuration.

      5. App Federation Metadata Url: Enter the URL you copied from your application

      6. Mapping Additional User Details: The listed claims can be added to your Single Sign-On application, which will be included in the submission data

        Note: To ensure your users have access to the correct approvals, you will need to map the configured group name to your SAML user claims.

  10. Click SaveSave button.

Resources

Related articles