Introduction
This article explains how to set up group provisioning between Microsoft Entra ID (formerly Azure Active Directory) and NordPass Enterprise.
Group provisioning allows you to automatically sync groups and their members from Entra ID to NordPass, streamlining onboarding, offboarding, and access management. Once group provisioning is enabled, all group management is handled in Entra ID, and any changes made there are automatically reflected in NordPass.
Before you start:
- You need to have a Microsoft Entra ID P2 license or a Microsoft 365 plan that includes P2 features.
- The User provisioning must already be configured between Entra ID and NordPass.
Here's what to do
- Confirm that user provisioning is already set up between Entra ID and NordPass.
- If user provisioning is not configured, follow the User provisioning setup with Entra ID and complete the setup.
- Deploy the Encryption Service on your cloud infrastructure to enable secure group provisioning.
- Select and follow the deployment guide that matches your environment:
- Open Microsoft Entra ID.
- Open the NordPass Enterprise application created during user provisioning.
- Go to “Users and groups” and click "Add user/group".
- Select the groups you want to sync with NordPass.
- Assign the selected groups to the application.
Additional tips
- Users must already be onboarded to NordPass through SCIM user provisioning before they appear as members of synced groups.
- After a group is synced, any items or folders assigned to that group in NordPass will automatically become available to all group members.
- Adding or removing users from a group in Entra ID will automatically update their access in NordPass.
- After group provisioning is enabled, you can no longer add or remove users from groups directly in the NordPass Admin Panel.