Skip to content
Last update: 2022-05-09

Use Azure AD as an identity provider

This option may not be available to all partners yet.

You can use Azure AD as an identity provider.

You can use your Azure AD instance to verify the identities of your administrators when they sign in to Sophos Central Partner. You need to add Azure AD as an identity provider to do this.

If you want to use Azure AD as an identity provider, find your Tenant ID for your Azure AD instance. We need this to verify your users and administrators.

Requirements

You must verify a domain first. See Verify a federated domain.

You must be a Partner Super Admin.

Warning

If you want to use federated sign-in as your sign-in option, you must ensure that all your administrators are assigned to a domain and have an identity provider.

You must do the following before you can add Azure AD as an identity provider:

  • Ensure you have an Azure Active Directory (AD) account with Microsoft. Azure AD is Microsoft’s cloud-based identity and access management service.

  • Get consent and authorization from your Azure AD admin to use your organization's Azure AD with Sophos Central.

  • Ensure you have a Sophos Central Partner account that matches your Azure AD account (the emails must match).

An Azure AD administrator must grant consent (permission) to use the credentials stored in your organization's Azure AD tenant to sign in to Sophos Central.

This consent applies to all Sophos Central products.

When an Azure AD administrator gives consent, it means your Azure AD tenant trusts Sophos Central, and you can add Azure AD as your identity provider.

For help with granting consent in Azure, see Understanding Azure AD application consent experiences.

Find your Tenant ID

You need to know the Tenant ID for your Azure AD instance before you can add Azure AD as an identity provider.

To find this, do as follows:

  1. Go to your Azure AD configuration and open Custom domain names.

  2. Make a note of the ID for your Tenant Domain.

    You'll need to enter it when you set up Azure AD as an identity provider.

You can now add Azure AD as an identity provider. See Add an identity provider.

Back to top