# Microsoft Entra ID

P0 is excited to announce the latest version of our Entra Integration, featuring two essential enhancements:

* **Just-in-Time Access for Roles:** Enables users to request just-in-time access to Entra Directory Roles.
* **Security perimeter:** A dedicated compute resource running in your environment, acting as a secure buffer. Only the Security perimeter is authorized to write to Entra role and group assignments, increasing resilience. This ensures that, even if P0 is compromised, malicious assignments cannot be written to your environment.

> **Note:** The Security perimeter requires a cloud computing environment.
>
> The instructions in thus guide will install both the security perimeter itself and configure Just-in-time access through P0\
> This guide provides instructions for deploying with Microsoft Azure. For GCP or AWS integration, please contact <support@p0.dev>.

## Setting up Entra ID

1. Navigate to **Integrations** on [p0.app](https://p0.app), then select **Entra ID**.

<figure><img src="https://3783273641-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FSQNwGQz62W737pY0FzVb%2Fuploads%2Fgit-blob-8cba1f1aad6565af9de2c6dd3a5e94d7c4bb4048%2Fentra_id.png?alt=media" alt="" width="375"><figcaption></figcaption></figure>

2. Click **IAM Management**.

<figure><img src="https://3783273641-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FSQNwGQz62W737pY0FzVb%2Fuploads%2Fgit-blob-0d228862d474da2b9ae97de4a67622cbd89953ed%2Fentra_id_iam_management.png?alt=media" alt="" width="375"><figcaption></figcaption></figure>

3. Click **Add tenant**.

<figure><img src="https://3783273641-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FSQNwGQz62W737pY0FzVb%2Fuploads%2Fgit-blob-953e9a558ce54e26f18f312e5b92e823382483aa%2FAdd_tenant.png?alt=media" alt="" width="375"><figcaption></figcaption></figure>

4. Enter your Entra tenant ID and select either **AzureCloud** or **AzureUSGovernment**.
5. Click **Next**.

<figure><img src="https://3783273641-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FSQNwGQz62W737pY0FzVb%2Fuploads%2Fgit-blob-dd28b64d40c7cf0d44e46dde78da8342e53fd81e%2Ftentant_id_next.png?alt=media" alt="" width="375"><figcaption></figcaption></figure>

6. Choose either **Console** or **Shell** and complete the install instructions.

<figure><img src="https://3783273641-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FSQNwGQz62W737pY0FzVb%2Fuploads%2Fgit-blob-59567d940f8f84f3629bb7f2e76a390c06d50f23%2FIAM_Management_next.png?alt=media" alt="" width="375"><figcaption></figcaption></figure>

7. Add the **Client ID** of the perimeter in the installer UI.

## ✅ Completion

After completing the steps above, your P0 Security perimeter for Entra ID is ready to handle privileged access requests via the containerized Function App.

If you have further questions or require support for AWS or GCP integration, please contact <support@p0.dev>.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.p0.dev/integrations/directory-integrations/microsoft-entra-id.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.