LogoLogo
  • WorkSpaces Manager Administration Guide for Version 6
  • Introduction
  • USER Section
    • User Dashboard
    • Change Password
  • ADMIN Section
    • Admin Dashboard
    • User Preferences
    • WorkSpaces Personal
    • WorkSpaces User Tab
    • Metrics
    • WorkSpaces Pools
    • Secure Browser
    • Users
    • Task Queue
    • Update
    • Reports
  • CONFIGURATION Section
    • Settings
      • Licensing
      • Enterprise Settings
      • Active Directory (Single or Multiple Domains)
      • WorkSpaces (Personal)
      • WorkSpaces (Secure Browser)
      • WorkSpaces (Pools)
      • Amazon Web Services
      • Remote Service Account
      • Email
      • Auto Change Compute Type
    • Schedule Rebuild
    • Schedule Start
    • Fixed Tags
    • AP Profiles
    • Custom Password Module
    • Branding
  • RESOURCES Section
    • Bundles
    • Directories
    • Regions
    • Images
    • Email Templates
  • SECURITY Section
    • Portal Users
    • Roles
  • SUPPORT Section
  • Appendices
    • Cost Optimizer Verification
    • How do I create a WorkSpace for a user?
    • Adding a single new user and creating them a WorkSpace
    • Copy an existing user and creating them a WorkSpace
    • Creating a WorkSpace from a user already in Active Directory
    • Auto-Provision by AD Group
    • Auto-Provision by Entra Group
    • Adding Another Domain
    • Multi AWS Accounts
      • Testing Multi-Accounts
      • KMS Multi-Accounts
Powered by GitBook
On this page
Export as PDF
  1. Appendices

Auto-Provision by Entra Group

PreviousAuto-Provision by AD GroupNextAdding Another Domain

Last updated 10 days ago

First, sign in to the Microsoft Entra admin center and navigate to Enterprise Applications under Applications. If you don’t already have one, create a new application. Once created, assign the required API permissions: User.Read.All and Group.Read.All by going to Permissions under Security.

Be sure to copy and securely store the client secret value immediately after creating it, as it cannot be viewed again once you leave the page.

Next, open the WorkSpaces Manager console and go to Configuration > Settings > Enterprise, then scroll down to the Microsoft Graph (Entra) Settings section. Enable Microsoft Graph and enter the Tenant ID, Client ID, and Secret.

You can find the Tenant ID by navigating to App Registrations under Applications. Click on your application, and you will see the Directory (tenant) ID in the overview section.

Once enabled, an additional switch will become available in an Auto Provision (AP) profile. To access it, go to Configuration > AP Profiles, click on your desired profile, and you’ll see the new switch. This allows you to query the Entra group specified in the profile.