Microsoft Entra ID Integration Setup Guide

For Workspace Admins & IT Admins

This guide walks you through connecting your Microsoft Entra ID (formerly Azure AD) directory to your Social Card workspace. Setup typically requires coordination between a workspace admin and your company's IT administrator (unless you hold both roles).

Who's Involved

Role Responsibilities
Workspace Admins Requests access to the integration and initiates the setup inside Social Card.
IT Admin Completes the Microsoft OAuth flow and authorizes access to the Entra ID directory.

Workspace Admins

  1. Request Access (if not already enabled)
    1. If your workspace does not yet have access to the Entra ID integration, as it is still in active Beta testing, please contact our team.
  2. Initiate Connection
    1. Go to Integrations > Microsoft Entra ID
    2. Click Connect, and follow the prompt
  3. Share The Consent URL
    1. Once the connection is initiated, you'll be provided an admin consent URL for your admin to use to grant the required permissions.
    2. Copy this URL and share it with an IT admin who is an Entra ID administrator.
    3. Note: This URL is time-sensitive and will expire if not used within a set time period. You can always regenerate it later.
  4. After Permissions Are Granted
    1. Once your admins grant the requested permissions and approve the connection, your workspace will automatically update, and you'll see the connection status change.
    2. The connection is ready, but some configuration is still needed. We'll cover this below.
    3. If you see anything other than connected, something may have gone wrong:
      1. Pending means we're still waiting for approval from an admin.
      2. Failed: means the consent URL expired or your admin denied approval.
  5. Field Settings
    1. To start importing users into your Social Card workspace using this connection, you'll need to confirm your field import settings. These settings tell us what user properties to import into your workspace, which to ignore, and which to overwrite when things change.
    2. Learn more about field settings here.
  6. Sync Options (Optional but recommended)
    1. Sync options allow you to configure how we handle specific scenarios when syncing users and groups from your Entra ID directory.
    2. This can include how we determine which users to import or which users to clean up.
    3. Learn more about sync options here.
  7. All Set: That's it, your connection is now ready to start importing team member information.
    1. Learn how to preview and import users from Entra ID.

IT Admins & Entra ID Administrators

Understand What You're Authorizing

This integration allows Social Card to read user and group data from your Microsoft Entra ID directory to support:

  • Importing user profiles for digital business card creation
  • Group-based card management
  • Ongoing synchronization to keep information and business cards up to date

This is a read-only connection — Social Card makes no directory changes.

We are happy to chat about this connection and any fine details if you have any questions.

Consent to the Application

Once your Workspace Admin initiates the connection, we will generate an admin consent URL. We have instructed them to share this URL with you.

Follow these steps:

  1. Open the admin consent URL provided by your Workspace Admin.
  2. Follow the OAuth Microsoft app permission flow.
  3. Review the list of permissions requested by the Social Card integration.
  4. Click Accept to authorize the app.
  5. If the connection is successful, you'll be redirected to a confirmation page. You can then notify your workspace admin that the connection is ready.

Note: This URL is time-sensitive. If it has expired, your Workspace Admin can regenerate it anytime from the Integrations page.

Required Permissions

The Social Card integration requests the following Application Permissions in Microsoft Entra ID:

Permission Name Description
User.ReadBasic.All Read all users' basic profiles
User.Read.All Read all users' full profiles
GroupMember.Read.All Read all group memberships
offline_access Maintain access without requiring re-login

These permissions are scoped to read-only access and do not allow changes to any data in your directory.

Security Overview

  • No passwords or direct credentials are stored.
  • Token-based authentication (via OAuth 2.0) is used for all access.
  • All data access is scoped to the approved permissions.
  • Tokens can be revoked at any time through your Azure portal.

You can pre-approve the Social Card app via your Azure Enterprise Applications settings if your organization requires it.

What Happens After Approval

Once you approve the connection:

  • The Social Card workspace will update automatically.
  • Connection status will change to Connected.
  • The Workspace Admin will now be able to configure field mapping and import settings.

Troubleshooting

If your Workspace Admin reports issues with the connection:

  • Pending: Consent hasn’t been granted yet.
  • Failed: The consent URL may have expired or been denied.
  • Regenerate a new consent URL and repeat the authorization flow.
Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Still need help? Contact Us Contact Us

Related Articles