Azure AD Configuration

Setting up Azure AD integration with Twingate will enable both OpenID Connect user authentication and user and group sync with Azure AD. There are two steps to set up this integration:

  • Enable the Azure AD integration in Twingate and sign in to your Azure AD tenant.
  • Configure the Twingate application in the Microsoft Azure AD Gallery and enable SCIM for user and group sync.

Twingate configuration

Before proceeding with the Twingate Azure AD gallery app configuration, you need to sign in with Azure AD in the Twingate Admin Console. You can do this from Settings > Identity Provider > Azure AD.

To retrieve the Azure AD tenant ID:

  • Open the Azure portal at https://portal.azure.com.
  • Navigate to Azure Active Directory from the left side menu.
  • Copy the Tenant ID from the Tenant information box.
  • Paste the Tenant ID into Twingate as shown above, and click “Sign in with Azure AD”.

Once you have entered the Azure tenant ID and have verified that you can sign in, continue with the steps below.

With the initial Azure AD sign-in complete, you can set up the official Twingate gallery application. Detailed instructions are available in Microsoft’s Azure AD documentation.

To complete the Azure AD configuration, please follow the instructions below on Microsoft’s website:

-> Twingate Azure AD Gallery app instructions

The guide above will cover:

  • Adding the Twingate Azure AD Gallery app to your Azure AD instance
  • Determining which users and groups should be synced to Twingate

Azure AD accounts without email addresses

Azure AD allows configuring accounts without an email address. Our Help Center, which we use to provide you with technical support services, requires accounts to have an email address to access support. Twingate signs in users to the Help Center using their synced email address.

Consequently, accounts that need access to support are required to have an email address. If an Azure AD account does not have an email address, it will not be able to log in to the Help Center. Adding an email address to a user by setting the “Email” property for their account will sync the email address with Twingate and enable that user to access the Help Center.
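A pre-check for the situation described above, as an added example that is not Twingate's or Microsoft's own code: it scans a paged user listing in the shape returned by Microsoft Graph and reports enabled accounts with no email address, so they can be corrected before those users need the Help Center. It assumes the portal's “Email” property corresponds to the Graph `mail` field; the function names and all sample data are constructed for illustration.

```python
import json

# Constructed sample: two pages shaped like Microsoft Graph responses to
# GET /users?$select=id,displayName,userPrincipalName,mail,accountEnabled
# Every name and value below is made up for illustration.
SAMPLE_PAGES = [
    json.dumps({
        "@odata.nextLink": "(constructed, not followed)",
        "value": [
            {"id": "1", "displayName": "Ana Ruiz", "userPrincipalName": "ana@example.com",
             "mail": "ana@example.com", "accountEnabled": True},
            {"id": "2", "displayName": "Build Agent", "userPrincipalName": "build@example.com",
             "mail": None, "accountEnabled": True},
        ],
    }),
    json.dumps({
        "value": [
            {"id": "3", "displayName": "Li Wei", "userPrincipalName": "li@example.com",
             "mail": "   ", "accountEnabled": True},
            {"id": "4", "displayName": "Old Contractor", "userPrincipalName": "old@example.com",
             "accountEnabled": False},
        ],
    }),
]


def iter_users(pages):
    """Yield user objects from every page of a paged Graph-style listing."""
    for raw in pages:
        yield from json.loads(raw).get("value", [])


def users_missing_email(pages, include_disabled=False):
    """Return sorted UPNs of accounts whose mail field is absent, null or blank."""
    missing = []
    for user in iter_users(pages):
        if not include_disabled and not user.get("accountEnabled", True):
            continue  # disabled accounts cannot sign in, so skip them by default
        mail = user.get("mail")  # assumption: "Email" in the portal maps to "mail"
        if not isinstance(mail, str) or not mail.strip():
            missing.append(user["userPrincipalName"])
    return sorted(missing)


if __name__ == "__main__":
    for upn in users_missing_email(SAMPLE_PAGES):
        print(f"no email address set: {upn}")
```

Restricting the input to the users and groups assigned to the Twingate gallery app keeps the report limited to accounts that will actually be synced.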
