User Directory Integration
User Directory Integration in Iru Endpoint allows you to connect your existing identity provider (like Microsoft Entra ID, Google Workspace, or Okta) to automatically sync user accounts and enable seamless authentication across your organization.Why configure a directory integration?
Iru Endpoint lets you assign users to specific devices. Using a directory integration to import users allows you to manage your Iru Endpoint user assignment centrally. You can configure automatic device assignment based on your directory settings. Device users in Iru Endpoint can only be created and assigned via a directory integration. To import users, you can connect multiple Google Workspace, Microsoft Entra ID, or System for Cross-Domain Identity Management (SCIM) integrations. This article covers adding Active Directory and Google Workspace user directories to Iru Endpoint. These native methods are simple to configure and require only a directory administrator account with access to the directory you are trying to integrate. After the initial user sync, Iru Endpoint will import users and groups every four hours.If you prefer user accounts be added and removed as they are created within your directory, use a SCIM integration. SCIM requires more upfront configuration but allows for Just-in-Time (JiT) account provisioning and de-provisioning. You can use SCIM with Microsoft Entra ID, Okta, and other directory systems that support it. Refer to SCIM Directory Integration for more information.
Adding Directory Integrations
- Microsoft Entra ID
- Google Workspace
Add a Microsoft Entra ID Integration
1
Navigate to Integrations
Navigate to Integrations in the left-hand navigation bar.
2
Discover Integrations
Click Discover integrations in the upper-right of the Integrations page.
3
Add Microsoft Entra ID Integration
Under Directory integrations, click Add and configure under Microsoft Entra ID.
4
Start Setup
Click Get started.
5
Enter Integration Name
Enter a unique name, which will be used in Iru Endpoint to show the directory from which a user originates.
6
Sign in with Microsoft Entra ID
Click Sign in with Microsoft Entra ID.
If you are signing in with an account that is not a Global Administrator, you may need to request approval during that sign-in process. Once a Global Administrator approves the request, you can complete the sign-in process.
7
Complete Authentication
Sign in using a Microsoft Entra ID account with admin access to the directory you want to integrate.
8
Consent and Accept
Consent on behalf of your organization and click Accept. You will see the new user directory on the Integrations page.
View Additional Information about a Directory Integration
1
Access Directory Integration
Click the ellipse on the Directory Integration you would like to view.
2
View Details
Select View details.
Force a User Directory Sync
Microsoft Entra ID and Google Workspace directories sync automatically every four hours, but you can force an immediate sync. SCIM uses a push mechanism from the cloud directory so it is not necessary to force-sync a SCIM directory integration.1
Access Directory Integration
Click the ellipse on the Directory Integration you would like to sync.
2
Sync Users
Select Sync users.
Re-authenticate a Directory Integration
You might need to re-authenticate an existing Microsoft Entra ID or Google directory integration to update credentials, change the account that was used to create the integration, or to update permissions.1
Access Directory Integration
Click the ellipse on the Directory Integration you would like to re-authenticate.
2
Re-authenticate
Select Re-authenticate.
3
Complete Authentication
Sign in using a Google or Microsoft Entra ID account with admin access. You will be redirected back to the Integrations page.
Remove a Directory Integration
Removing the integration will remove users not assigned to devices from Iru Endpoint. Users assigned to devices will remain, but Iru Endpoint will no longer synchronize them with the directory.1
Access Directory Integration
Click the ellipse on the Directory Integration you would like to delete.
2
Delete Integration
Select Delete integration.
3
Confirm Deletion
Confirm by typing the name of the integration.
4
Complete Deletion
Click Delete.