Entra ID (formerly Azure AD) with Microsoft Graph is a service accessed from the Microsoft Azure Portal, where it has to be enabled and configured.
Once the Entra ID connection is established, go to MyQ, Settings, User Synchronization.
Click Add, and then click Add Entra ID source.
In the Entra ID synchronization properties panel to the right, in the General tab, if you have already set up an Entra ID connection, the Entra ID server is already in the Authentication Server field. Otherwise, click Add new, set up an Entra ID connection.
Select any of the following options:
Ignore Synchronization Source - This option provides the ability to selectively ignore certain aspects or data from the Microsoft Entra ID source during synchronization.
Deactivate Missing Users - This option allows the system to automatically deactivate users in MyQ X who are no longer present in the Microsoft Entra ID source.
Add New Users - When enabled, this feature automatically adds new users found in the Microsoft Entra ID source to MyQ X.
and then click Save.
In Users to import, you can choose to import All users or Users from selected groups. If you chose the second option, select the user groups from the drop-down.
In the Properties section, you can map user information from Entra ID to the credentials in MyQ.
The User name user property is mapped to
For the Alias user property, you can one or more of the following attributes:
If you choose the
onPremisesSamAccountName@onPremisesDomainNameoption, the user's Alias after synchronization will be a combination of the user's Entra ID attributes
onPremisesDomainNamein the format, for example, firstname.lastname@example.org.
For the Card, PIN, and Personal number user properties, you can choose the
employeeIDattribute or None.
In the Options section:
If you plan to authenticate users towards Azure using Active Directory credentials and use the Microsoft single-sign-on option, select the Use as authentication server option and click Save.
Check the Pair by Object ID box if you wish to update users based on their Object ID. If the Object ID option is checked, during re-synchronization, the system will look for the user by the Object ID. If a match is found, the user details will be updated, otherwise, a new user will be created.
In the Transformation section, the administrator can define regular expressions (RegEx) to transform user data during the synchronization process. For details, check Regular Expression transformation for User Synchronization.
In the Groups tab, you can select what Active Directory groups you want to remove from synchronization using the Ignore groups and Ignore groups containing string fields.
Users can be now synchronized by selecting your Entra ID source from the list and clicking Synchronize now.