Setting up Entra ID
Last updated
Last updated
Pynt supports setting up external identity provider (IdP) for authentication, such as Microsoft Entra ID. This allows organizations using Entra ID to control how their employees access Pynt and remove their need to manage any credentials.
The high-level steps to set SSO (Single Sign-On) with Entra ID are:
Add Pynt as an enterprise application in Entra
Set up SSO in Pynt
Assign users/groups the Pynt application
Verify you have administrator privileges in your Microsoft Entra subscription.
Verify you are an admin on Pynt and your organization has an active Enterprise license.
Login to Entra ID Admin Center, and navigate to Applications > Enterprise applications.
Click on New Application and then choose Create your own application:
Use Pynt for the app name, and choose the Integrate any other application you don't find in the gallery (Non-gallery) option. Click Create:
In your new app's overview, navigate to Single sign-on and choose SAML as the single sign-on method:
Edit the Basic SAML Configuration and use the details from Pynt's User Management page. Once finished, click Save.
Identifier (Entity ID) - Audience
Reply URL (Assertion Consumer Service URL) - Assertion Consumer Services (ACS) URL
Once saved, scroll to SAML Certificates, Download and save the Federation Metadata XML in your computer (we will use it in Step 2).
Mail support@pynt.io the Pynt.xml file (Federation Metadata XML) from the first step and ask to finalize the setup on Pynt's side.
If you want to limit specific domains for your organization (such as @company.com), include the list of these domains in your request.
Once the setup is finalized, you can assign users/groups to the newly created Pynt application.
Read more about assigning users/groups to applications in Microsoft's documentation.
