SAS PCE as an External Authentication Method (EAM) in Microsoft Entra ID
This feature enables customers with Microsoft Entra ID to use SafeNet Authentication Service Private Cloud Edition (SAS PCE) to provide an external authentication method (EAM) through SafeNet Access Exchange (SAE). EAM allows you to integrate external authentication providers, like SAS PCE, to satisfy the multi-factor authentication (MFA) requirements for the resource or application to which access is requested. SAS PCE can satisfy the second factor of an MFA requirement. Microsoft Entra ID can specify the authentication strength and method that SASPCE must use.
When a user attempts to access a resource, they must first use an authentication method that is validated by Entra ID and then use additional complementary authentication methods (for example, MobilePASS+ or GrIDsure) that are validated by SAS PCE.
Note
-
External authentication methods (EAMs) in Microsoft Entra ID are currently available as a public preview.
-
The SAS PCE integration with Entra ID EAM is also in public preview. It is subject to change based on customer feedback or future updates from Thales or Microsoft. To request access, contact Thales Customer Support.
Authentication Flow
The image below illustrates the user authentication flow.
Integration - SAS PCE as EAM with Entra ID
Before you start integrating SAS PCE as EAM with Entra ID, you need to complete specific prerequisites.
Integrating SAS PCE as EAM with Entra ID is a three-step process:
