Add Microsoft Entra ID to Zoho Directory
Prerequisites:
Roles required to perform this action :
- Organization Owner
- Organization Admin
Add Entra ID to Zoho Directory
Using API
Using SCIM
Using API
In Microsoft Entra ID:
- Sign in to Microsoft Entra admin center.
- In the left panel, click Entra ID, then click App registrations.
- Click New registration and enter the Name for your application.
- Under Supported account types, select Accounts in this organizational directory only.
- Under Redirect URI, select Web from the drop-down, and enter the URL based on your DataCenter(DC) from the below table:Data CenterRedirect URIJapanhttps://directory.zoho.jp/provision/oauth/callbackUShttps://directory.zoho.com/provision/oauth/callbackEuropehttps://directory.zoho.eu/provision/oauth/callbackChinahttps://directory.zoho.com.cn/provision/oauth/callbackIndiahttps://directory.zoho.in/provision/oauth/callbackAustraliahttps://directory.zoho.com.au/provision/oauth/callbackUKhttps://directory.zoho.uk/provision/oauth/callbackCanadahttps://directory.zohocloud.ca/provision/oauth/callbackSaudi Arabiahttps://directory.zoho.sa/provision/oauth/callback
- Click Register. You will be redirected to the Overview page when the app is registered.
- Copy the Application (client) ID, Object ID, and Directory (tenant) ID to your clipboard.
- Navigate to Certificates & secrets, then click New client secret.
- Enter a Description and click Add.
- Copy the generated Value to your clipboard.
In Zoho Directory
Add store
- Sign in to Zoho Directory, then click ADMIN PANEL in the left menu.
- Go to Directory Stores, and click Add Directory.
- Click Add under Microsoft Entra ID.
- In the API INTEGRATION section, enter the Tenant ID, Object ID, Client ID, and Client Secret copied from Microsoft Entra ID, and click Next.
- In the popup that opens, provide your consent using the check box and click Accept.
If you do not have an active session in the same browser, you must
enter the credentials of your Microsoft Entra ID admin account to
authenticate.
Configure field mapping
Under FIELD MAPPING,
map the fields available in Zoho Directory to the fields in Microsoft
Entra ID. During import, user data from Microsoft Entra ID will be
updated in Zoho Directory fields based on the configuration in this
section.
You can choose how to map fields
from Microsoft Entra ID with a hard-coded value in Zoho Directory. For
example, you can configure the work location for all users synced from
Microsoft Entra ID to be "India" in Zoho Directory.
To do this:
- Hover over the field you wish to configure a hard-coded value and click Edit next to a field.
- Select Hard-coded value and enter the value you to update.
- Click Ok.
In
similar way, you can choose to map fields from Microsoft Entra ID to
contain a custom Microsoft Entra ID attribute. Learn how to create
custom attributes in Zoho Directory
To do this:
- Hover over the fields you wish to configure with a custom Microsoft Entra ID attribute and click Edit next to the field.
- Select Custom Microsoft Entra ID and enter the exact custom field name from Microsoft Entra ID. Click OK.
- Click Save and Next once you have configured field mapping.
The
custom attribute is case sensitive and must match the custom attribute
of Microsoft Entra ID exactly. If the field name does not match, the
field mapping will fail.
Configure Settings
In
this section, you can configure user settings, such as mail
notification, password notification, status sync and resource sync.
- Under Mail Notification, choose whether the users and admins can receive email notifications. Click Notify via mail.
- Under Password Notification section, choose how newly synced users will receive their one time password to access their accounts.
- You
can choose to send the password via email to the user or the admin,
which they can be use to access the account and reset the password upon
successful login.
- You can choose not to notify anyone and send the user invitation manually.NOTE: Password Notification can be configured only for users whose email address has a verified domain name.
- Under Status Sync, choose how the change in user status from Microsoft Entra ID should reflect in Zoho Directory.
- Click Save and Next.
- Under Resource Sync, choose the resources you want to be sync from Microsoft Entra ID.
- Click Save and Next.
- Under Criteria, choose how you want to sync users from Microsoft Entra ID. Learn more about editing criteria details. You can either sync all the users or few users based on criteria in Zoho Directory.
- To set criteria, select a criteria from the options, choose a relationship, and enter the criteria's value as needed.
- You
can also set multiple criteria. To add more than one criteria, click
beside the criterion 1, enter your condition (whether OR or AND), and
define the next criteria.
- Once done, click Save and Next.
- Enable Schedule Sync
to import users from Microsoft Entra ID automatically at a specific
time interval. Choose how often the sync should run on a daily, weekly,
or monthly basis, and set the preferred time in the Time.
- Once done, click Save and Close.
Import Users
This
section lets you configure the user import process from Microsoft Entra
ID to Zoho Directory. Users in Microsoft Entra ID who meet the chosen
criteria will be listed as follows:
- New Users
- Microsoft Entra ID users who do not have an account in Zoho Directory
will be listed here. During user import, users you select here will be
added to Zoho Directory.
- Update Users
- Microsoft Entra ID users who are already added to Zoho Directory will
be listed here. During user import, the details of the users you select
here will be updated in Zoho Directory.
- Users to Activate
- This section lists Microsoft Entra ID users who are part of Zoho
Directory but are inactive. During user import, users you select here
will be activated in Zoho Directory.
- Users to Deactivate
- This section lists users who are deactivated in Microsoft Entra ID
but are active in Zoho Directory. During user import, the users you
select here will be deactivated in Zoho Directory.
To configure user import,
- Select the required users and click Next.
- Click Import Users.
If the user count is more than 200, the import will happen as a staged process and might take time.
User information in Microsoft Entra ID and Zoho Directory will be synced once the user import is complete.
Using SCIM
In Zoho Directory:
- Sign in to Zoho Directory, then click Admin Panel in the left-menu.
- Go to Directory Stores, then click Add Directory.
- Click Add next to Entra ID.
- Under API INTEGRATION, note down the Sync endpoint and SCIM token. Later on, you'll have to provide this information in Microsoft Entra ID app (instructions for performing this task have been included in this document).
- Click Next.
- Map the fields available in Zoho Directory to the fields available in Entra ID. If you'd like to have all users synced from Entra ID to have the same value for a field, map that field with a hard-coded value. For example, if you want the value for the field 'Work Location' as 'Main Building', then you can type Main Building as a value for the Hard-coded Value.
To map a hard-coded value with a field: - Click Edit next to a field.
- Enter the value you need in the Hard-coded Value field.
- Click Ok.
- Click Next.
- Under SETTINGS, next to Password Notification, choose how you want your users to receive their One Time Password.Password Notification setting is only applicable to users' whose email address has a verified domain name.
- Click Status Sync in the left corner.
- Choose how the change in user status on Entra ID should be reflected in Zoho Directory.
- Click Save and Next.
- Choose how you want to sync users from Entra ID based on the criteria applied in Zoho Direct. You can either choose to sync users for a few users matching the criteria or all users. You can also set multiple criteria based on your needs.
- To set criteria, select a criteria from the options, choose a relationship, and enter the criteria's value as needed.
While adding more than one criteria, you can also choose to enter it manually. Click Edit, enter your condition (whether OR or AND), and click Save.
14. Once done, click Save and Close.
In Microsoft Entra ID:
- Go to the provisioning setup screen of the apps that you want to manage in Zoho Directory. Follow the steps provided in this help document to set up provisioning. Use the Sync Endpoint and SCIM token that you have copied in API Integration (step 4 from the provisioning setup in Zoho Directory).
- After the provisioning setup:
- To sync the users' information immediately, select the user from the required app and click Provision.
- To sync the users' information at 40 minute intervals, select the app, go to Provisioning on the left menu, and tap Start provisioning. The user information will be synced automatically until you stop the provisioning.
Access your files securely from anywhere
Zoho CRM Training Programs
Learn how to use the best tools for sales force automation and better customer engagement from Zoho's implementation specialists.
Zoho DataPrep Personalized Demo
If you'd like a personalized walk-through of our data preparation tool, please request a demo and we'll be happy to show you how to get the best out of Zoho DataPrep.
- Zoho Workerly Home
- Forums
- Connect With Us:
- Zoho Recruit Home
- Forums
- Connect With Us:
Centralize Knowledge. Transform Learning.
All-in-one knowledge management and training platform for your employees and customers.
New to Zoho Writer?
Create. Review. Publish.
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho Marketing Plus?
Everything you need to run your marketing
New to Zoho Marketing Plus?
Everything you need to run your marketing
You are currently viewing the help pages of Qntrl’s earlier version. Click here to view our latest version—Qntrl 3.0's help articles.
New to Zoho Survey?
Zoho Sheet Resources
Zoho Forms Resources
New to Zoho Sign?
Zoho Sign Resources
Sign, Paperless!
New to Zoho TeamInbox?
Zoho TeamInbox Resources
New to Zoho ZeptoMail?
Design. Discuss. Deliver.
New to Zoho Workerly?
New to Zoho Recruit?
New to Zoho CRM?
New to Zoho Projects?
New to Zoho Sprints?
New to Zoho Assist?
New to Bigin?
Related Articles
Custom authentication with Microsoft Entra ID
Prerequisites Roles required to perform this action: Organization Owner Organization Admin Admin account in Microsoft Entra ID Custom authentication with Microsoft Entra ID enables SAML-based single sign-on (SSO) from Microsoft Entra ID to Zoho. Once ...Add JumpCloud to Zoho Directory
Prerequisites: Roles required in Zoho Directory: Organization Owner Organization Admin Roles required in JumpCloud: Admin Plan required in Zoho Directory: Free plan Add JumpCloud to Zoho Directory Using API Using SCIM Using API To add JumpCloud as a ...Add Okta to Zoho Directory
Prerequisites: Roles required in Zoho Directory to perform this action: Organization Owner Organization Admin Custom Authentication with Okta Roles required in Okta: Admin Plan required in Zoho Directory: Free plan Professional plan (if you want to ...Add Reply Attributes
Overview Reply Attributes are configuration parameters that the RADIUS server sends back to the Network Access Server (NAS) in response to an authentication request. These attributes allow the admin to identify how the network is established, ...Add BambooHR to Zoho Directory
Prerequisites: Roles required in Zoho Directory to perform this action: Organization Owner Organization Admin Roles required in BambooHR: Admin Plan dependency in Zoho Directory: Free plan In BambooHR: Log in to your BambooHR account. Click the My ...
New to Zoho LandingPage?
Zoho LandingPage Resources