Home
Connecting to other systems
Learn how to connect ClearID to other systems.
Synchronizing identities using Microsoft Entra ID
To synchronize external system attributes into Genetec ClearID™ identity attributes, you can use the web portal's integrated Microsoft Entra ID synchronization.
About Microsoft Entra ID synchronization
Microsoft Entra ID is a multi-tenant cloud-based directory and identity management service that combines core directory services, application access management, and identity protection. The Azure web app is used to connect Genetec ClearID™ to Microsoft Entra ID so that user information can be accessed and synchronized.

About ClearID
Learn about the ClearID self-service physical access management solution.
What's new
Check out what's new in the latest update to ClearID.
Deployment preparation
Check your compatibility and deployment requirements.
ClearID plugin
Learn how to download and install the plugin.
Managing identities and users
Learn how to manage identities and users.
Credential synchronization
Managing sites
Learn how to manage sites.
Managing areas
Learn how to manage areas.
Managing visitors
Learn how to manage visit requests and access requests.
Managing visitor watchlists
Learn how to manage visitor access using watchlists.
Role-based access control
Learn about role-based access control.
Connecting to other systems
Learn how to connect ClearID to other systems.
- Authenticating your connection
  Before you can connect with Genetec ClearID™ to synchronize data or issue API commands, you must first authenticate your applications (or API environment) so that your applications or API can communicate with ClearID.
- Setting up data synchronization
  Setting up data synchronization in Genetec ClearID™ involves learning some concepts, configuring the synchronization solution for your identity data, and the webhook integration options that are relevant for your organization.
- Synchronizing identities using Microsoft Entra ID
  To synchronize external system attributes into Genetec ClearID™ identity attributes, you can use the web portal's integrated Microsoft Entra ID synchronization.
  - About Microsoft Entra ID synchronization
    Microsoft Entra ID is a multi-tenant cloud-based directory and identity management service that combines core directory services, application access management, and identity protection. The Azure web app is used to connect Genetec ClearID™ to Microsoft Entra ID so that user information can be accessed and synchronized.
  - About Microsoft Entra ID attribute fields (Native Entra ID)
    When you synchronize an external system with Genetec ClearID™ using Microsoft Entra ID, your external system attributes are imported into ClearID identity attributes. The import uses the field mappings in Microsoft Entra ID to apply the attribute field values to identities in the ClearID portal.
  - Configuring identity synchronization using Microsoft Entra ID
    Before you can synchronize identities between Microsoft Entra ID and Genetec ClearID™, you must first configure identity synchronization in the ClearID portal.
  - Viewing Microsoft Entra ID synchronization logs
    You can consult the Microsoft Entra ID synchronization logs to review all synchronization-related activities for auditing or troubleshooting purposes.
- Synchronizing identities using an API
  Use the Genetec ClearID™ API to code your own solutions to automate various functions in ClearID. The primary use for the REST API is synchronizing identities, however many other scenarios are also possible.
- Synchronizing identities using the SCIM integration
  To synchronize external system attributes from a supported identity provider into Genetec ClearID™ identity attributes, you can use the System for Cross-domain Identity Management (SCIM) integration. These identity attributes can then be used in ClearID to assign people to roles and automate role-based access control.
- Synchronizing identities using One Identity
  Use the Genetec ClearID™ One Identity Synchronization Tool to synchronize external system attributes into Genetec ClearID™ identity attributes. These identity attributes in ClearID can then be used to assign people to roles and automate role-based access control.
- Synchronizing identities using LDAP
  Use the Genetec ClearID™ LDAP Synchronization Agent to synchronize Active Directory (AD) Lightweight Directory Access Protocol (LDAP) attributes into Genetec ClearID™ identity attributes. These identity attributes in ClearID can then be used to assign people to roles and automate role-based access control.
Visitor management devices
Learn about the ClearID Self-Service Kiosk mobile app that simplifies visitor management and check-in.
Troubleshooting
Troubleshoot common issues that can occur.
Additional resources
Need tech support or product information? Check out these resources.
Glossary

About Microsoft Entra ID synchronization

2025-09-02

Microsoft Entra ID is a multi-tenant cloud-based directory and identity management service that combines core directory services, application access management, and identity protection. The Azure web app is used to connect Genetec ClearID™ to Microsoft Entra ID so that user information can be accessed and synchronized.

Connection information for Microsoft Entra ID

To connect Microsoft Entra ID to the ClearID web portal, you need the following information:

The Microsoft Entra ID connection settings dialog in the ClearID portal showing configuration information including Tenant ID, Application ID, and Client secret.

Tenant ID
Application ID (Client ID)
Client secret

Tip:

The Tenant ID, Application ID, and Client secret can be obtained from your Microsoft Entra ID application registration in the Azure web portal.

The enterprise application overview page in the Azure web portal with the Tenant ID and Application ID highlighted.

The enterprise application Certificates & client secrets page in the Azure web portal with the Client secret value highlighted.

Microsoft Entra ID API permissions

Before you can synchronize data with ClearID, an external system attributes administrator (IT or security personnel) must set up and configure the following API read permission privileges in Microsoft Entra ID. Only Application-type permissions are compatible with the native Microsoft Entra ID synchronization in ClearID.

Microsoft Graph (minimum requirements):

Application.Read.All - Used to get extension attributes.
- Allows the app to read applications and service principals without a signed-in user.
For more information, see List extensionProperties (directory extensions)
User.Read.All - Used to get user information.
- Allows the app to read identity user risk information for all users in your organization without a signed-in user.
Group.Read.All - Used to get group information.
- Allows the app to read group properties and memberships, and read conversations for all groups, without a signed-in user.

The enterprise application API permissions page in the Azure web portal with the required permissions highlighted.

For more information, see Microsoft Graph permissions reference.