How to set up self-service account recovery with Azure Active Directory

This tutorial will describe the steps to configure Nametag for self-service account recovery with Azure Active Directory.

  1. Sign in to Nametag at and click “Sign in”

  2. Press Configure.

  3. On the left side, choose Azure AD

  4. Press Connect directory and follow the prompts to authorize Nametag to access your Azure Active Directory.

    Note: You must be a domain administrator in Azure AD to complete this step.

  5. When complete, you will be redirected back to Nametag. Nametag will immediately start to synchronize user accounts from your Azure Active Directory. This may take a few minutes.

    Note: Nametag synchronizes user accounts from your Azure Active Directory every hour, but if you would like to synchronize immediately, you can press the Sync now button.

  6. Determine a URL for your account recovery website. This site should be hosted under a domain your users recognize, but will be hosted by Nametag. For example, if your company’s domain is, you might choose

  7. Update your DNS records to point your URL to Nametag using the CNAME record type and target of For example: IN CNAME
  8. Let us know that your URL is ready to go by emailing, and we’ll get your site set up. If your domain uses certificate pinning, you may need to issue a TLS certificate for your new host and provide the key pair to Nametag. Contact if this applies to you.

  9. Direct your users to the new URL to verify their identities and recover their accounts in case of lockout.