Microsoft Entra ID integration overview

Overview

Microsoft Entra ID is a comprehensive identity management platform that helps organizations manage access to applications and resources in a secure manner. Integrating Microsoft Entra ID with Persona enables businesses to leverage Persona's identity verification capabilities within the Microsoft ecosystem to enable secure employee password resets.

Prerequisites

To set up the Microsoft Entra ID integration with Persona, you need:

  • A Microsoft Entra tenant configured for service.
  • Completion of the onboarding process with Persona. You can create an account by registering through the Persona Dashboard.

Connect Microsoft Entra ID to your Persona account

First, contact your Persona account team so we can enable this feature for your account. Then, visit the Marketplace integrations in your Persona dashboard and select Microsoft Entra ID.

  1. Choose + Add credential
  2. Provide a name for this credential (e.g., “Persona”)
  3. Sign in to your Microsoft account
     • The user you sign in with must have the following permissions: User.Read.All and UserAuthenticationMethod.ReadWrite.All

Once added, let your Persona Solutions Engineer (SE) know so they can configure your flow accordingly.
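After the credential is connected, you can confirm it holds only the two permissions listed above. The following is an added example, not code from Persona or Microsoft: it assumes you have exported the tenant's delegated grants in the shape of Microsoft Graph oauth2PermissionGrant objects, and the object IDs in the sample are constructed placeholders.

```python
# Added example: audit the delegated Graph scopes granted to one client
# against the two permissions this page requires.
REQUIRED = {"User.Read.All", "UserAuthenticationMethod.ReadWrite.All"}

# Constructed sample shaped like Microsoft Graph oauth2PermissionGrant objects.
# The IDs are placeholders, not real tenant values.
SAMPLE_GRANTS = [
    {"clientId": "persona-sp-object-id", "consentType": "Principal",
     "principalId": "helpdesk-admin-object-id",
     "scope": " User.Read.All UserAuthenticationMethod.ReadWrite.All"},
    {"clientId": "persona-sp-object-id", "consentType": "AllPrincipals",
     "principalId": None, "scope": "Directory.ReadWrite.All"},
    {"clientId": "other-app-object-id", "consentType": "AllPrincipals",
     "principalId": None, "scope": "User.Read"},
]


def audit_grants(grants, client_id, required=REQUIRED):
    """Return missing and excess scopes for client_id, plus tenant-wide grants."""
    wanted = {s.casefold(): s for s in required}
    granted = {}          # casefolded scope -> name as it appears in the grant
    tenant_wide = set()   # scopes consented on behalf of all users
    for g in grants:
        if g.get("clientId") != client_id:
            continue      # grant belongs to a different application
        # Graph returns scopes as one space-separated string, often with a
        # leading space; split() with no argument handles both.
        for scope in (g.get("scope") or "").split():
            granted[scope.casefold()] = scope
            if g.get("consentType") == "AllPrincipals":
                tenant_wide.add(scope)
    return {
        "missing": sorted(wanted[k] for k in wanted.keys() - granted.keys()),
        "excess": sorted(granted[k] for k in granted.keys() - wanted.keys()),
        "tenant_wide": sorted(tenant_wide),
    }


if __name__ == "__main__":
    report = audit_grants(SAMPLE_GRANTS, "persona-sp-object-id")
    for key, scopes in report.items():
        print(f"{key}: {', '.join(scopes) or 'none'}")
```

Any scope reported as excess is access beyond what this integration needs and is worth reviewing, since UserAuthenticationMethod.ReadWrite.All alone already allows changes to users' authentication methods.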

Your employee’s experience

To help an employee reset their password, you’ll need to pre-fill their Entra ID—typically their work email address—as part of the inquiry URL. Your helpdesk can generate a Persona inquiry link that includes the employee’s Entra ID in the URL.

Persona uses this to fetch employee data from Microsoft Entra—such as name and date of birth—so we can verify the correct individual before proceeding with any account updates.

Once verified, the employee will be shown a temporary password. They can use this to sign in at https://entra.microsoft.com, where they’ll be prompted to set a new password.

For more on what the employee will see, visit What to expect when verifying your identity with Persona to reset your Microsoft Entra ID password.

Frequently Asked Questions

What permissions and scopes are required?

Customers must create a Microsoft Entra API credential with the appropriate scopes. These include User.Read.All and UserAuthenticationMethod.ReadWrite.All. Once added to their Persona Marketplace Integrations, the customer should notify their SE so the flow can be updated accordingly.

In many cases, employees may reach out to a helpdesk via ServiceNow or similar tools. The helpdesk can pre-fill the employee’s Entra ID in the inquiry URL before sharing it. Persona will then pull data from Entra to verify identity before issuing a temporary password. Microsoft Entra will enforce a password change the next time the employee signs in.
