How do I configure Microsoft Entra ID (SSO) integration with TMAS?
Discover how to easily integrate Microsoft Entra ID for single sign-on with TMAS to improve user security and access.
Table of Contents
TMAS integrates with Microsoft Entra ID (formerly Azure Active Directory), allowing users to sign in with their Microsoft account. This article explains how to configure this integration and troubleshoot common configuration issues.
How it works
- Users connect to TMAS using their Microsoft account credentials via the "Sign in with Microsoft" button.
- TMAS does not synchronize users from Entra ID; users must first be created manually in TMAS.
- The email address used in TMAS must exactly match the email address registered in Microsoft Entra ID.
- Password management and access control can be ensured via Entra ID once the integration is activated.
Requirements
- A Microsoft Entra ID tenant (Microsoft's default configuration is sufficient — no custom settings are required).
- Administrator access to the TMAS channel.
- Users must already exist in TMAS with email addresses that match their Microsoft Entra login ID.
Step 1 — Obtain your Entra tenant ID
- Sign in to the Microsoft Entra admin center at https://entra.microsoft.com (or to the Azure portal at https://portal.azure.com ).
- Go to Identity → Overview (or Azure Active Directory → Properties in the Azure portal).
- Copy the tenant ID (also known as the directory ID).

Step 2 — Configure TMAS with your tenant ID
- Log in to TMAS at www.smssoftware.net .
- Develop the administration .
- Click on Manage locations → Advanced .
- Paste your Entra tenant ID into the Azure tenant ID field.
- (Optional) Enable mandatory authentication to require all TMAS users below Chain Manager and User Manager levels to log in exclusively through Microsoft. Users with Chain Manager or User Manager permissions retain standard login access.
- Click on Save .

Step 3 — Sign in with Microsoft
- On the TMAS login page, click Sign in with Microsoft .
- Use the same email address that is configured in TMAS for your account.

Step 4 — Accept the Microsoft authorization request
- A Microsoft authorization pop-up window will appear requesting access; accept the authorization request to complete the linking between your TMAS session and your Entra account.

⚠️ You must accept the authorization pop-up. If it is blocked by a pop-up blocker or if you close it, the connection will fail. Make sure your browser allows pop-ups from TMAS.
Step 5 — Confirm the integration in Entra (Validation)
Once the user has successfully logged in, the TMAS application will appear in your Microsoft Entra admin center list, confirming that the integration is active.

Troubleshooting
If a user is unable to sign in to Microsoft, check the following three points: these are the most frequent causes of onboarding failures:
- Incorrect email address — The email address registered in TMAS must exactly match the one used to log in to Microsoft Entra ID. TMAS does not synchronize Entra users; therefore, the two addresses must be configured manually and match precisely.
- Tenant ID inconsistency — The tenant ID entered in the TMAS advanced settings must exactly match the one in your Microsoft Entra admin center. Even a single difference will cause a connection failure.
- Permissions denied — The first time you sign in, Microsoft displays a pop-up window asking you to consent to the permissions. If you ignore or block this window, you will need to try signing in again and accept the prompt.
💡 Note: Issues almost always originate from the client's Entra configuration, not the TMAS integration itself. The integration has been tested and works correctly with Microsoft Entra's default settings. If the client's Entra environment includes custom conditional access policies, administrator consent requirements, or application registration restrictions, these settings may block the connection and should be reviewed by their IT administrator.
Notes
- Users must be created in TMAS before they can connect to Microsoft. Entra does not automatically add users to TMAS.
- Enabling mandatory authentication does not affect channel administrators or user managers; they retain standard access via username and password.
- This integration was previously known as Microsoft Azure Active Directory . Microsoft renamed this service Microsoft Entra ID in 2023. The TMAS field label may still display "Azure Tenant ID"; enter your Entra Tenant ID in this field.
Related questions
- How do I create users in TMAS?
- How do I manage locations and advanced settings in TMAS?
- Why can't my users connect to TMAS with Microsoft?