Skip to main content
Version: 10.3.0

Integrate with Entra ID: Overview

Currently, there are three integration types supported for Entra ID:

  • HYPR Enterprise Passkey in CC

  • HYPR Login Experience in CC

  • External Authentication Methods

Below are general descriptions of typical business environments for which each integration type may be the most suitable. The type of integration you choose to use should be based on which description best resembles your own environment, procedures, and internal workflows.

HYPR Enterprise Passkey in CC: Choose this integration if you want to leverage FIDO2 security key authentication for both web-based Entra ID applications and Windows workstation login. This solution is ideal for organizations that:

  • Need to eliminate passwords entirely from their authentication ecosystem
  • Want to use mobile devices as FIDO2 security keys for enhanced security
  • Have Windows workstations that are Entra domain-joined or hybrid-joined
  • Require phishing-resistant authentication for both web and desktop access
  • Want to leverage Microsoft's FIDO2 Provisioning API for seamless enrollment
  • Need to support various workstation environments (non-domain-joined, on-premises AD, Entra domain-joined, or hybrid)
  • Want to maintain the familiar Entra ID login experience while adding passwordless security

This integration provides the highest level of security by using FIDO2 standards and eliminates the need for traditional passwords across your entire Entra ID ecosystem.

HYPR Login Experience in CC: Choose this integration if you want to replace the standard Entra ID username/password login with HYPR's passwordless authentication. This solution is ideal for organizations that:

  • Want to eliminate passwords from their Entra ID login process
  • Need to maintain federation with Entra ID for single sign-on capabilities
  • Have existing Entra ID P1 licenses and want to leverage them for passwordless authentication
  • Want to provide a seamless login experience that redirects users to HYPR for authentication
  • Need to support both enrolled and non-enrolled users with different authentication flows
  • Want to maintain control over user enrollment through HYPR Control Center
  • Need to integrate with existing Entra ID applications like Office 365 without changing the user experience

This integration provides a complete password replacement solution while maintaining the familiar Entra ID application access patterns.

External Authentication Methods: Choose this integration if you want to add HYPR as a multi-factor authentication method to your existing Entra ID password-based authentication. This solution is ideal for organizations that:

  • Want to enhance security by adding phishing-resistant MFA to existing password authentication
  • Need to maintain the current password-based login flow while adding an additional security layer
  • Want to leverage HYPR's passwordless technology as a second factor rather than replacing passwords entirely
  • Need to comply with security requirements that mandate multi-factor authentication
  • Want to provide users with a familiar Entra ID login experience while adding enhanced security
  • Need to gradually transition to passwordless authentication without disrupting existing workflows
  • Want to use HYPR as an external authentication provider within Microsoft's EAM framework

This integration provides enhanced security through MFA while maintaining the existing password-based authentication flow, making it ideal for organizations in transition or those with specific security requirements.