Skip to main content

Just-in-time admin accounts

Entra ID technician login flow

High-level overview of what technicians need to do to request and access Entra ID account for a customer.

Login to MSP tenant

  • Technician navigates to MSP portal at <msp domain>
  • Technician will need to login with idemeum Passwordless MFA by scanning a QR-code or approving a push notification
  • Once logged into the portal technician can see what customer tenants are available. You can use the Application type filter → Customer web apps.

Login to customer tenant

  • Technician will click on the customer tenant link and will access the customer tenant
  • Once logged into the customer tenant, technician will see all workstations and applications that he is entitled to access.

Request Entra ID account

  • The Entra ID application will be grayed out. That means that account has not been created yet, or it was disabled.
  • To request an account technician clicks on ... and chooses Request access.
  • At this point idemeum will provision an Entra ID account, will assign required roles and then there will be a message that account was successfully created or enabled.
  • The application tile will become active and ready to be launched.

Access Entra ID account

Manual access

  • Technician can retrieve Entra ID account credentials and manually login into customer Entra tenant. Technician will click on ... and then choose View credentials.

Extension autofill

  • Another option is to click on the application tile, Entra ID login portal will open, credentials will be automatically filled and the technician will be logged in.