Integrate Microsoft Entra ID (Azure AD)

Yarken integrates with Microsoft Entra ID (Azure AD) to provide centralized identity and access management across your organization. This allows administrators to manage user access through existing enterprise identity controls while simplifying onboarding and improving governance.

With Azure AD integration, organizations can:

• Centralize user access management

• Align access with enterprise security policies

• Reduce manual onboarding effort

• Assign permissions through Azure roles and groups

• Govern access consistently across users and teams

How Azure AD integration works

The Azure AD onboarding flow works as follows:

1. Yarken establishes trust with your Azure tenant

2. Administrators approve Microsoft consent permissions

3. Azure AD Roles are enabled in Yarken

4. Users and groups are assigned through Enterprise Applications

5. Users authenticate into Yarken using Microsoft login

Before you begin

Before integrating Microsoft Entra ID with Yarken, ensure the following prerequisites are available.

Required access

You must have:

• Yarken Administrator access

• Microsoft Entra ID Administrator access

Required Azure roles

The Microsoft user configuring integration should hold one of the following roles:

• Global Administrator

• Application Administrator

Tenant configuration requirements

Before assigning users from Azure AD:

Approve Microsoft admin consent

Depending on your organization's Azure policies, users may encounter an admin approval request when attempting to access Yarken.

Non-admin users

If a standard user encounters a consent request:

• The organization’s Azure administrator must approve the request

Azure administrators

Azure administrators can approve permissions directly from the Azure Portal.

Navigate to Microsoft Entra ID → Enterprise Applications → Yarken.

From there, review and approve the requested permissions.

Enable Azure AD Roles in Yarken

Before managing users through Azure AD, administrators must enable Azure AD Roles inside Yarken application.

Steps to enable Azure AD Roles

1. Sign in to Yarken as an Admin.

2. Navigate to Admin > Settings.

3. In the left pane, select Tenants under the General section.

4. Click Edit.

   

5. In the Edit Tenant popup, toggle on the Azure AD Roles setting.

   

6. Click SAVE to confirm the changes.

Once Azure AD Roles are enabled, you can begin adding and managing users directly from Azure AD.

Assign users or groups from Microsoft Entra ID

Organizations can grant access to Yarken through either individual user assignments or Microsoft Entra ID group assignments.

• Individual assignments are suitable for smaller teams or limited user counts.

• Group-based assignments are recommended for enterprise environments because they simplify administration and support centralized identity governance.

The following procedure describes how to assign individual users. For large-scale deployments, refer to Assign users or groups from Microsoft Entra ID.

To provide access to a specific user,

1. Sign in to Azure Portal using an administrator account.

2. On the left menu bar, select Microsoft Entra ID.

3. Under the Manage section on the left, select Enterprise applications.

   

4. Locate the Yarken application from the list and double-click it.

5. Select Users and Groups.

   

6. Click Add user. The Add Assignment form appears.

   

7. Select Users. A list of Azure instance users appears.

8. Select the users you want to assign to the Yarken application, and then click Select.

9. On the Add assignment form, click Select a role to display a list of the app roles that Yarken has created.

   

10. Select the app role and then click Select.

11. Click Assign.

The user is granted access to the application. The added users will be able to login to the Yarken application, and the details of the users will be captured in the Admin > User Management > Users tab.

Assign access using Azure AD groups

For enterprise environments with large user populations, Yarken recommends assigning Microsoft Entra ID groups instead of individual users. Group-based assignments reduce administration effort and ensure access is governed through existing identity management processes.

With this approach:

• Users are assigned to Microsoft Entra ID groups.

• Groups are mapped to Yarken application roles.

• Access is automatically granted based on group membership.

• Administrators manage access from Microsoft Entra ID instead of updating users individually.

Example Group Structure

The following table shows example Microsoft Entra ID groups aligned to corresponding Yarken roles.

Create a Security Group in Microsoft Entra ID

1. Sign in to the Azure Portal.

2. Navigate to Microsoft Entra ID → Groups

3. Select New Group

4. Configure:      

5. Select Create

Repeat this process for each role your organization plans to manage through groups.

Add Users to a Group

After creating the group:

1. Open the required group.

2. Select Members

3. Select Add Members

   

4. Choose the required users.

5. Save your changes.

Once added, users inherit any permissions associated with the mapped Yarken role.

Assign Groups to the Yarken Enterprise Application

After groups have been created:

1. Navigate to Microsoft Entra ID > Enterprise Applications > Yarken > Users and Groups.

2. Select Add User/Group.

3. Select Users and Groups.

4. Choose the required Azure AD group.

   

5. Select Assign

Assign a Yarken Application Role

When assigning the group:

1. Select Select a role.

2. Choose the required Yarken role.

   

3. Select Assign
   All users within the selected group now inherit the assigned Yarken role.

Related content

Supported Yarken roles