Edit your Entra ID integration

In this topic, you will learn how to edit your Portnox™ Cloud integration with Entra ID. You will also learn what the additional options for this integration mean.

Before you begin, you must have a working integration with Entra ID.

To create an integration with Entra ID, read the following topic: Integrate with Microsoft Entra ID.

Note: Microsoft Azure Active Directory has been renamed by Microsoft and is now called Microsoft Entra ID.
  1. In the Cloud portal top menu, click on the Settings option.

  2. In the Cloud portal left-hand menu, click on the AUTHENTICATION REPOSITORIES tile.

  3. In the right-hand side pane, find and click on the AZURE ACTIVE DIRECTORY INTEGRATION SERVICE heading.

    The browser displays the configuration of your Entra ID integration under the AZURE ACTIVE DIRECTORY INTEGRATION SERVICE heading and description.

  4. Click on the Edit link below your configuration to start editing your Entra ID integration.

  5. If you want to turn off your Entra ID integration:
    1. Click on the Disabled/Enabled switch to put it in the Disabled position.

    2. Click on the Save button to turn off your Entra ID integration.
      Warning: Turning off Entra ID integration will cause Portnox Cloud to remove all users and devices that are registered with this integration. Cloud administrators using Azure Active Directory integration will not be removed.
    3. Click on the OK button in the confirmation window.

    Note: If you turn the integration on again, you will have to configure it from the beginning.
  6. If you want to disallow life cycle synchronization, click on the Allow life cycle synchronization checkbox to deactivate it.

    Life cycle synchronization means that Portnox Cloud will react to changes in the directory. For example, if this setting is on, and if you disable or delete an Entra ID user, all the devices associated with this user will be unregistered from Cloud. If this setting is off, you will have to unregister devices manually or wait until the retention period expires. By default, life cycle synchronization is on.

  7. If you want to turn on device synchronization, click on the Enable devices synchronization checkbox to activate it.

    If this setting is turned on, during periodic synchronization Portnox Cloud receives information about devices that have been removed from Entra ID and treats these devices as inactive (archived). If this setting is turned off, Cloud will archive inactive devices after the retention period is over (for information about retention periods, see the following topic: Device retention periods).

  8. If you want to check or change the application credentials that Portnox Cloud has in your Azure environment:
    1. Click on the AZURE AD APPLICATION CREDENTIALS heading.

      Portnox Cloud will show your Entra ID credentials under the AZURE AD APPLICATION CREDENTIALS heading.

    2. If needed, note down the Application (client) ID and the Object ID for the Web application and the Native application.

      These values cannot be changed. To change these values, you need to disable the Entra ID integration and start the integration process from scratch.

    3. If needed, change the Application secret for the Web application and/or the Native application.

      The secret for the Web application can be different from the one for the Native application.

      If you change these values, make sure to change them in your Azure Portal, too.

  9. Click on the Save button to save your changes or click on the Cancel button to abandon all changes.

    After you click on one of the buttons, Portnox Cloud will exit the edit mode.