Entra ID External Authentication Method
Introduction
Nametag can be used as an Entra ID multifactor authentication method. This guide will walk you through the steps to set up Nametag as an MFA provider for your Entra ID tenant.
Prerequisites
Before you begin, you will need the following:
- An active Entra ID directory with at least a Entra ID P1 license.
- A Nametag account with an active subscription and Admin permission.
Create an Entra ID directory
If you don’t already have an Entra ID integration configured in Nametag, you’ll need to establish one.
- Sign in to the Nametag console
- Go to Configure > Directories.
- Select Add a directory and choose Entra ID.
- Select Connect to Entra ID and accept the permissions requested for Nametag.
Configure authentication policy in Nametag
- Go to Configure > Directories and select the directory you want to configure.
- In the External authentication method rules section, choose a policy for account binding. For more information about configuring binding policies see this document.
- Note the Client ID for the directory you just configured. You will need this value when setting up the external authentication method in the Entra ID console.
Create an external authentication method
-
Sign in to the Entra ID console.
-
Go to Protection > Authentication methods.
-
Select Add external method
Add external method -
Provide the following information:
- Name
- Nametag
- Client ID
- CLIENT_ID (from the previous step)
- Discovery Endpoint
https://nametag.co/entra/eam
- App ID
ae2a2b18-026e-4a6d-aab0-5bec8e9fbc11
Add external method -
Select Request permission and accept the permissions requested for Nametag.
-
Set Enable to On.
-
Select Save.
Testing authentication
-
In an incognito / private browsing window, go to a URL that requires multifactor authentication, for example
https://entra.microsoft.com
. -
Enter your email address and password.
-
You will be prompted to select an authentication method. Choose Approve with Nametag.
Configure external method -
Scan the Nametag QR code and verify your identity.
-
After the Nametag identity verification completes, your browser will automatically return to the Entra ID sign in view and you will be prompted with “Stay signed in?”. The authentication process is now complete.