Features

The following provisioning features are supported:

• Push Groups and New Users
• Push Profile or Group Updates
• Push User Deactivation
• Reactivate Users

Prerequisites

You will need:

• An account on the Smallstep platform. Need one? Register here
• An Azure Premium edition account (P1 or higher)
• Global administrator access to the account

Step By Step Instructions

Step 1. Create an Entra ID Enterprise Application

1. In Azure, visit Browse Entra Gallery and choose “+ Create your own application”.
2. Name the application and use the default “Non-gallery” option.
3. In your new Enterprise Application, visit Manage → Users and groups.
4. Assign the groups or users you’d like to sync to Smallstep. You may want to create new groups for Smallstep users.

Step 2. Enable SSO

1. Your Enterprise Application comes with an App Registration.
2. Go to App registrations and find your Smallstep application in the list.