Skip to content

Common scenarios

This page explains how to perform some common tasks that may need to happen when using Microsoft Entra with Connect.

Add an existing Connect User to an Entra group

If a member of your Connect Organisation needs to be added to a group in Entra, please do the following:

  • In the Microsoft Entra admin center, find the relevant group in Groups -> All groups
  • Click on (Group name) -> Members
  • Select Add members and add the required user account

The change will be synced from Entra to Connect within a few minutes.

The change can be confirmed by following the instructions for viewing User group membership in Connect

Inviting an Entra User to Connect with membership to an Entra group

If a user from your Entra tenant is not yet in your Connect Organisation, please follow the instructions for inviting a new User to your Organisation

Info

The email address of the user account must match the one that you use for the invitation.

Once the User has completed the sign-up process, their Entra group membership can be confirmed by following the instructions for viewing User group membership in Connect

Tip

Connect will only list groups that have been referenced in your Organisation's IAM Policy.

Delete an Entra user

If you wish to delete a User from both Entra and Connect, you will need to perform both of the following:

Remove an account from Entra

  • In the Microsoft Entra admin center, find the relevant user in Users -> All users
  • Click on the user account name
  • Click Delete at the top of the page
  • Click the Delete button to confirm

Remove an account from Connect

  • In the Connect Control Service, browse to your Connect Organisation
  • Open the Endpoints tab
  • Delete any Endpoints that list the User as the Primary User

Delete Connect Endpoint

  • Open the Users tab
  • Find the correct User account, and click the red Delete icon

Delete Connect User

Tip

If the delete button is greyed out, the User is still associated with an Endpoint.

Disabling an Entra user

Disabling a user in Entra will prevent new logins and invited sign-ups into your Connect Organisation with that account.

If you wish to disable a user in Entra, you must do the following:

  • In the Microsoft Entra admin center, find the relevant user in Users -> All users
  • Click on the user account name
  • Click Edit properties at the top of the page
  • Click the Settings tab
  • Untick Account enabled
  • Click Save

Limitation

This does not currently affect group membership in Connect for users that have already accepted an invitation.

This will change in a future release of Connect.

You may wish to delete the User in Connect instead by following the instructions above.

Remove an Entra tenant from Connect

If you wish to remove an Entra tenant from Connect, you will need to remove all Group references that use the tenant from the Organisation's IAM Policy.

To do this:

  • In the Connect Control Service, browse to the Organisation that uses the Entra tenant
  • Open the IAM Policy tab
  • Click "Edit" to edit the current policy
  • Amend the policy to remove any references to the tenant
  • Click "Save". You should then see a message confirming that the IAM Policy has been successfully updated
  • Open the Identity Providers tab
  • Click the red Delete icon for the tenant you wish to delete

Delete Tenant

Tip

If the delete button is greyed out, you still have a reference to the tenant in your Organisation's IAM Policy.