What it provides
- Single sign-on — Sign in with Microsoft work account
- Conditional Access — Regentra honors your tenant’s Conditional Access policies, including MFA requirements
- Multi-tenant support — MSP techs sign in to your tenant; clients sign in to theirs
Setup
Enter your Tenant ID
Enter your Microsoft 365 Tenant ID (a GUID you can copy from the Entra admin center → Overview).
Frequently asked questions
Will SSO bypass MFA?
Will SSO bypass MFA?
No. Regentra honors whatever Conditional Access policy your tenant enforces — including MFA. If your tenant requires MFA, the user gets prompted by Microsoft before the redirect back to Regentra. Regentra also enforces app-level MFA when configured per-user.
Can I require everyone to sign in via SSO?
Can I require everyone to sign in via SSO?
Yes — under Settings → Authentication & SSO, set ‘Force SSO for users with @yourdomain emails’. Password-based sign-in is then disabled for those users.
What happens to existing password users?
What happens to existing password users?
Existing users keep working. They can sign in via password OR Microsoft. The two paths converge on the same Regentra account by email match — no double-account.
Can my MSP clients use their own tenants?
Can my MSP clients use their own tenants?
Yes — each Regentra organization configures SSO independently. MSP techs sign in to your tenant; clients sign in to theirs. The login page detects the tenant from the email domain.
How is this different from the Compliance Entra integration?
How is this different from the Compliance Entra integration?
SSO is for authenticating your team. The Compliance Entra integration is for collecting evidence from your Microsoft tenant. They are separate Entra apps with separate consent and lifecycles.