# Microsoft Entra ID

P0 is excited to announce the latest version of our Entra Integration, featuring two essential enhancements:

* **Just-in-Time Access for Roles:** Enables users to request just-in-time access to Entra Directory Roles.
* **Security perimeter:** A dedicated compute resource running in your environment, acting as a secure buffer. Only the Security perimeter is authorized to write to Entra role and group assignments, increasing resilience. This ensures that, even if P0 is compromised, malicious assignments cannot be written to your environment.

> **Note:** The Security perimeter requires a cloud computing environment.
>
> The instructions in thus guide will install both the security perimeter itself and configure Just-in-time access through P0\
> This guide provides instructions for deploying with Microsoft Azure. For GCP or AWS integration, please contact <support@p0.dev>.

## Setting up Entra ID

1. Navigate to **Integrations** on [p0.app](https://p0.app), then select **Entra ID**.

<figure><img src="https://3783273641-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FSQNwGQz62W737pY0FzVb%2Fuploads%2Fgit-blob-8cba1f1aad6565af9de2c6dd3a5e94d7c4bb4048%2Fentra_id.png?alt=media" alt="" width="375"><figcaption></figcaption></figure>

2. Click **IAM Management**.

<figure><img src="https://3783273641-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FSQNwGQz62W737pY0FzVb%2Fuploads%2Fgit-blob-0d228862d474da2b9ae97de4a67622cbd89953ed%2Fentra_id_iam_management.png?alt=media" alt="" width="375"><figcaption></figcaption></figure>

3. Click **Add tenant**.

<figure><img src="https://3783273641-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FSQNwGQz62W737pY0FzVb%2Fuploads%2Fgit-blob-953e9a558ce54e26f18f312e5b92e823382483aa%2FAdd_tenant.png?alt=media" alt="" width="375"><figcaption></figcaption></figure>

4. Enter your Entra tenant ID and select either **AzureCloud** or **AzureUSGovernment**.
5. Click **Next**.

<figure><img src="https://3783273641-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FSQNwGQz62W737pY0FzVb%2Fuploads%2Fgit-blob-dd28b64d40c7cf0d44e46dde78da8342e53fd81e%2Ftentant_id_next.png?alt=media" alt="" width="375"><figcaption></figcaption></figure>

6. Choose either **Console** or **Shell** and complete the install instructions.

<figure><img src="https://3783273641-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FSQNwGQz62W737pY0FzVb%2Fuploads%2Fgit-blob-59567d940f8f84f3629bb7f2e76a390c06d50f23%2FIAM_Management_next.png?alt=media" alt="" width="375"><figcaption></figcaption></figure>

7. Add the **Client ID** of the perimeter in the installer UI.

## ✅ Completion

After completing the steps above, your P0 Security perimeter for Entra ID is ready to handle privileged access requests via the containerized Function App.

If you have further questions or require support for AWS or GCP integration, please contact <support@p0.dev>.