Microsoft Entra ID Integration with Sloneek

Overview

The Microsoft Entra ID integration, formerly Azure AD, allows companies to enable secure login to Sloneek through Microsoft accounts, import users in bulk from selected groups, and synchronize approved absences with Outlook calendars.

The integration covers:

1. Single Sign-On through Microsoft
2. Switching to SSO-only login
3. User import from Microsoft Entra ID
4. Synchronization of basic user data
5. Synchronization of approved absences to Outlook calendar

1. Microsoft SSO Login

Single Sign-On allows users to log in to Sloneek using their Microsoft account. The setup is simple and can usually be completed within a few minutes.

Requirements

The person setting up the integration must meet the following requirements:

• They have the Global Administrator or User Administrator role in the Microsoft tenant.
• They have a Sloneek account with the Administrator or Account Owner role.
• The email address of their Sloneek account exactly matches the email address used in Microsoft.

Pay special attention to possible differences between the email address and the UPN address in Microsoft.

Activation Steps

1. The administrator goes to the Sloneek login page.
2. They select Sign in with Microsoft.
3. During login, they grant Admin consent for the entire organization.
4. Sloneek is automatically added to the Microsoft environment under:
   • Azure Portal
   • Enterprise Applications
5. From this point, the integration and access can be managed centrally in Microsoft.
6. Other users can then log in through Microsoft without the need for individual approval.

2. Switching to SSO-Only Login

After successful testing, we recommend disabling standard email and password login for security reasons and keeping only Microsoft SSO enabled.

Recommended Process

1. Verify Email Addresses

Check that users’ email addresses in Sloneek exactly match their accounts in Microsoft Entra ID.

2. Run a Pilot Test

First, test Microsoft login with the administrator and a small group of users.

3. Inform Users

Notify employees in advance about the date from which login will only be possible through their Microsoft account.

4. Switch the Login Mode

In Sloneek, go to Integrations and disable standard login. Keep only Microsoft SSO active.

5. Verify Functionality

After switching, check that both the administrator and regular users can log in through Microsoft without issues.

3. Risks and Rollback

Possible Risks

The following situations may occur when switching to Microsoft SSO:

• Email addresses in Sloneek and Microsoft Entra ID do not match.
• Microsoft, as the identity provider, experiences an outage.
• The user does not have the correct permissions set in the Microsoft tenant.

Rollback

If an issue occurs, the administrator can re-enable standard login with email and password in Sloneek.

If the administrator cannot access Sloneek due to an SSO issue, Sloneek Support can help restore alternative access.

Changing the login type has no impact on the licensing model or SLA.

4. User Import from Microsoft Entra ID

The integration allows administrators to create users in Sloneek in bulk based on security groups in Microsoft Entra ID.

Synchronization Direction

Synchronization is one-way only:

Microsoft Entra ID → Sloneek

Automated Provisioning

Sloneek does not use fully automated provisioning in this scenario. This means Microsoft does not automatically:

• create users in Sloneek,
• send HR data in the background,
• update user profiles automatically without administrator action.

The import is always started manually by an administrator in Sloneek.

Where to Start the Import

In Sloneek, go to:

Users → Management → Import users

During the import, the administrator:

• selects specific groups from Entra ID,
• chooses which users to import,
• decides whether the users should be activated immediately.

Recommended Preparation in Entra ID

For easier management, we recommend creating a dedicated security group in Microsoft Entra admin center, for example:

Sloneek – Active employees

Group membership can be managed as:

• Assigned – manual membership management,
• Dynamic User – dynamic membership based on rules.

The administrator can then simply select this group during the import to Sloneek.

5. Transferred Data

To read data from Microsoft Entra ID, the integration requires the following permissions:

• Directory.Read.All
• User.Read.All

The following data is synchronized to Sloneek:

To synchronize a wider set of HR data, such as department, manager, or location, this must be handled individually through the API.

6. Synchronizing Absences to Outlook Calendar

Sloneek also allows approved absences to be written directly to the user’s personal Outlook calendar.

Each user enables this feature individually.

Activation Steps

The user goes to:

My Profile → Notifications and Integrations

Then they:

1. connect their account with Outlook,
2. select the target calendar,
3. save the settings.

From that moment, all newly created and approved absences are automatically added as events to the user’s work calendar.

Recommended Deployment Process

Before launching the integration fully, we recommend:

1. checking that email addresses match in Sloneek and Microsoft Entra ID,
2. activating and testing Microsoft SSO with a small group of users,
3. informing employees about the login method change,
4. switching to SSO-only mode after a successful test,
5. preparing a security group in Entra ID for user import,
6. importing users into Sloneek,
7. optionally recommending that users connect Sloneek with their Outlook calendar for absence synchronization.

Summary

The Microsoft Entra ID integration with Sloneek enables secure login through Microsoft SSO, manual user import from selected Entra ID groups, one-way synchronization of basic user data, and synchronization of approved absences to Outlook calendar.

For a smooth rollout, it is important to verify matching email addresses, test SSO with a smaller group of users, and only then switch to strict SSO-only login.