Integrating SailPoint with Microsoft Entra ID

(Formerly Azure Active Directory)

Revised Date: 20 December 2024

Important

  • If you want to enable additional cloud governance features for your Entra Cloud Objects (for example, visualization of effective access, Azure Cloud Object Management , such as, Management Groups, Subscriptions, Resource Groups and Role Assignment or Service Principal Accounts Management), you must have SailPoint CIEM license. Contact your SailPoint Customer Success Manager to request access and for more information.

    For more information on the additional features supported with cloud governance, refer to the table at the end of the Azure Cloud Object Management topic.

  • Microsoft Entra ID is the new name for the Azure Active Directory connector. This guide refers to the connector as Microsoft Entra ID except where Azure Active Directory is still utilized, such as in some user interface configurations. When configuring a new connector, it will still be displayed as Azure Active Directory in the source type list.

The SailPoint Microsoft Entra ID connector manages the users and groups in Microsoft Entra ID. Microsoft Entra ID is the directory for all cloud based organizational Microsoft Directory services including Microsoft Office 365.

The SailPoint Microsoft Entra ID connector:

  • Can also be used to provision users into a federated domain in Microsoft Entra ID.

  • Uses Retry-After value to retry API request. It uses exponential back-off if Retry-After value is not returned by API.

  • Uses Microsoft Graph APIs to manage users, groups and licenses.

Azure is Microsoft’s cloud solution platform, which provides plenty of cloud services such as IaaS, PaaS, or SaaS. Azure uses Microsoft Entra ID as its authentication source to provide access on different services to users. Azure has management container objects which are used to group resources and manage access to them.

The Microsoft Entra ID connector provides support for access management of Azure Management Objects along with managing of the Microsoft Entra ID Management Objects.

Note
To view the latest features, enhancements, and fixes for all SaaS connectors, refer to the SaaS Release Notes page.