Entra ID integration

Follow the steps to import and synchronize people between your organization in Huma and your Entra ID account.

Step 1: Register a new app in Microsoft Azure

Step 2: Create a Client secret key

Step 3: Add API permission for your app (Only when using auth type Service to service)

Step 4: Connect Huma to Entra ID

Authorization types

Step 5: Activate the integration

Integration is active

Synchronize users

Currently supported fields

1. Register a new app in Microsoft Azure

  • To give Huma access to your Entra ID, you must create an app in your Azure account to connect it to, and give it permission to access Entra.
  • Log in to your Microsoft Azure account.
  • In the top search bar, enter 'App registrations' and click on the search result.

  • Click on the 'New registration' button.


  • Provide a name for your app, for example, 'Huma'

  • In the 'Supported account types' section, select 'Accounts in this organizational directory only'

  • 'Redirect URI'
    • If you're connecting via 'Service to service' (Recommended):
      • Leave the redirect URI field empty.
    • If you're connecting via 'With user account':
      • Choose 'Web' as the application type.
      • Set the redirect URI to
        https://auth.humahr.com/oauth

Read more about 'Service to service' and 'With user account' under Connect Huma to Entra ID

  • Finally, click on the 'Register' button.

2. Create a Client secret key

  • In the 'Overview' page, click 'Add a certificate or secret'

    azure-create client secret

    azure-client secret gif
  • Click the 'New client secret' button
  • Provide a name for the client secret, for example, 'Huma client secret'
  • Choose an expiry period. After this period you need to create a new client secret and reconnect with Huma
  • Click the 'Add' button
  • Copy the 'Value' key and paste it somewhere. You will not be able to see this key after you navigate away from this page
    Screenshot 2023-05-22 at 13.37.19

3. Add API permission for your app

Adding API permissions is only necessary if you're using the authorization type 'Service to service'.

  • Navigate to 'API permissions' and click the 'Add a permission' button

    azure-add permission

    api-permission-gif
  • Choose 'Microsoft Graph' and then 'Application permissions'
  • Search for 'User' and open it
  • Select 'User.ReadWrite.All' and click the 'Add permission' button
  • Click the 'Grant admin consent for [your company]' button

 

4. Connect Huma to Entra ID

To access Integrations under System settings you'll need a System role with permissions to do Organization-wide settings. Read more here

  • Log in to your Huma organization
  • Go to 'Integrations' and choose 'Microsoft Entra ID'

    Huma Integrations Overview - Entra ID Focus
  • Please read all the information about the Entra ID integration before moving to next step.
    • "How to use"
    • "Supported features"
    • "Supported fields" 
  • Click 'Set up' in the upper right corner
  • Choose which authorization type you want to use

Authorization types

  • Service to service (Recommended)
    The authorization is connected to your Huma organization.
  • With your user account
    The authorization is connected to the user who sets this up. If the user loses the User Administration role in Microsoft Azure, the integration will stop working.
  • Copy and paste the 'Directory (tenant) ID' from Microsoft Azure into 'Tenant ID' in Huma, and the 'Application (client) ID' from Azure into 'Client ID' in Huma. You will find these values on the 'Overview' page of your app in Microsoft Azure:

    azure-id
  • Copy and paste the Client secret value key which you saved earlier. (If you didn't save the value anywhere before, delete the client secret and create a new one) and click 'Continue'

    Huma Integrations - Entra ID - Set up - Step 1
  • When adding users in Huma, you can choose if they should automatically be added in Entra ID. If you leave this inactive, you need to do a manual sync to add the user in Entra ID.
    If you're using the Teamtailor integration or the Nuu integration users added to Huma via that integration will also be added to Entra ID.

    Huma Integrations - Entra ID - Set up - Step 2

    Click 'Save' and a connection is now established between the two systems. Now: On to the next step - it's where the magic happens.

5. Activate the integration. Synchronize users and choose how to handle conflicts or missing values

  • After clicking 'Continue' you will end up in the Synchronize users step
  • Huma will inform you of any conflicts or inconsistency between Huma & Entra ID and you will have to decide how to handle conflicts and/or missing values. You can decide whether or not you want to update Entra ID based on values in Huma or the other way around.

    Huma Integrations - Entra ID - Synchronize - Step 1
  • Click 'Next' and decide which users you want to create in Huma & Entra ID.

    Huma Integrations - Entra ID - Synchronize - Step 2
    • If users in Entra ID does not exist in Huma, you can add users to Huma
    • If users in Huma does not exist in Entra ID, you can add users to Entra ID
  • After deciding on the above click 'Synchronize users'
  • Huma will now start synchronizing users with Entra ID. You will receive an email confirming the result.

Your connection between Huma and Entra ID is active 🥳

Any changes made to supported fields in Huma (listed below) will be automatically updated in Entra ID in real-time. 

Please be aware that you need to sync users to get the latest changes from Entra ID. Changes made in Entra ID will not be automatically updated in Huma. 


Huma Integrations - Entra ID - Completed

How to synchronize users manually

If you want to synchronize users manually you can always click 'Synchronize users'

Huma Integrations - Entra ID - Completed - Focus on synchronize button

Currently supported fields

The country field on the user in Entra ID must be in the ISO 3166-1 alpha-2 format (NO, SE, FI). If not, the Address field will not be synced to Huma.

  • Employment ID   (Note: The integration can't update this field's value in Entra ID with the value in Huma. Huma requires this field's value to be unique) 
  • Given name  (*REQUIRED!)
  • Family name  (*REQUIRED!)
  • E-mail  (*REQUIRED! Huma requires this field's value to be unique) 
  • Phone number  (Note: Huma requires this field's value to be unique)
  • Address
    • Street address
    • Postal code
    • City
    • Country
  • Job title
  • Employment start date