This article applies as of PRTG 23.x.88

How to integrate Microsoft Entra ID into PRTG Hosted Monitor

As of PRTG 23.x.88, you can use Microsoft Entra ID as single sign-on (SSO) provider in PRTG Hosted Monitor. For the integration to work seamlessly, follow the steps in this article.

Follow these steps to configure Microsoft Entra ID to work as SSO provider in PRTG Hosted Monitor.

• Step 1: Register your app
• Step 2: Create a client secret
• Step 3: Connect your PRTG instance to Microsoft Entra ID
• Step 4: Invite other users

Step 1: Register your app

• Log in to the Azure Portal under https://portal.azure.com.
• Select Microsoft Entra ID under Azure services.
• Go to the App registrations tab.
  Click to enlarge.
  
• Click the New registration button.
  • Enter a name, for example, Test.
  • Select Accounts in this organizational directory only.
  • Enter the redirect URI as https://auth.my-prtg.com/login/callback
    Click to enlarge.
    
  • Click the Register button to register the new app.
• Select the newly registered app Test.
• Copy the Application (client) ID.
  Note: You will need these later to configure PRTG.Click to enlarge.
  

Step 2: Create a client secret

• Go to the Certificates & secrets tab.Click to enlarge.
  
• Click the New client secret button.
  Click to enlarge.
  

• Enter a Description, for example, Test.
• Enter the period after which the client secret expires.
• Click the Add button to save the client secret.
• Copy and save the newly created value from the Value section as shown below:
  Click to enlarge.
  

Step 3: Connect your PRTG instance to Microsoft Entra ID

• Now open the PRTG Hosted Monitor Login page.

• Go to Select your PRTG subscription.Click to enlarge.
  
• Now take the Application (client) ID and the Client Secret and paste it in the form. Also enter the Microsoft Entra ID Domain (aka 'Primary Domain' shown in the overview page of your Entra ID tenant) and your Email domain.
• Confirm by clicking on Create.
• Now PRTG will restart and prepare to use authentication from Microsoft Entra ID.Click to enlarge.
  
• When opening your instance, the normal login page will appear.
• Enter your credentials and the login page will automatically detect, based on your entered email domain, that you want to authenticate with Microsoft Entra ID. This is also indicated by it displaying SINGLE SIGN-ON ENABLED.
  Click to enlarge.
  

• The login page will redirect you to your corporate login.
• You have now successfully integrated Microsoft Entra ID as SSO provider in PRTG.

Step 4: Invite Entra ID users

• You can now invite other users from your active directory into PRTG Hosted Monitor.
• Click the Setup button on your PRTG instance.Click to enlarge.
  
• Select User Accounts.Click to enlarge.
  
• Click on Invite User.Click to enlarge.
  
• Fill in the details, set Federated Directory User as Login Type and click Send Invite.Click to enlarge.
  

What happens to already invited users?

Let's assume, that you have configured a Microsoft Entra ID integration for the email domain mycompany.com for your PPHM instance.

All existing accounts that have an '@mycompany.com' email address, will be switched automatically to Microsoft Entra ID authentication flow, when entering their email address next time in the login form. These accounts will only be able to log in through the Microsoft Entra ID authentication flow.

All invited users that do NOT have a mycompany.com email address, will be using the default authentication flow with the email address and password.

How to fix "CANNOT READ PROPERTY 'INDEXOF' OF UNDEFINED" error

When you get this error, the regarding user's Email property is empty in his/her Entra ID user account. Please update the user account by entering the email address to the Email property and try logging in again.