Merge

This guide will walk you through the steps to register your web application Entra ID and then enter your client credentials into Merge. This will allow your customers to connect their accounts using OAuth. 

Step 1: Create web application and enable OAuth

In your <a href="https://portal.azure.com/#home" rel="nofollow noopener noreferrer" target="_blank">Active Azure Directory</a> portal, navigate to App Registration

Register a new application for your Azure Entra ID Account, see below for examples

- Name: any name of your choosing
- Supported account types: options 2 or 3 are both valid
 1. Accounts in any organizational directory
 2. Accounts in any organizational directory and personal Microsoft accounts
- Redirect URI: Web 
- Redirect URI: <a href="https://app.merge.dev/oauth/callback" rel="nofollow noopener noreferrer" target="_blank">https://app.merge.dev/oauth/callback</a>

1. In your <a href="https://portal.azure.com/#home" rel="nofollow noopener noreferrer" target="_blank">Active Azure Directory</a> portal, navigate to App Registration
 
 
 
2. Register a new application for your Azure Entra ID Account, see below for examples
 - Name: any name of your choosing
 - Supported account types: options 2 or 3 are both valid
 1. Accounts in any organizational directory
 2. Accounts in any organizational directory and personal Microsoft accounts
 - Redirect URI: Web 
 - Redirect URI: <a href="https://app.merge.dev/oauth/callback" rel="nofollow noopener noreferrer" target="_blank">https://app.merge.dev/oauth/callback</a>
 
3. When you're done, click Register!

Step 2: Saving web application values in Merge

Clicking Register will take you to a new page with important info to update and save.

If you have already set up your app registration you can navigate to this page via Azure Services -&gt; App Registration

Paste the information below into your <a href="https://app.merge.dev/integrations/hris" rel="nofollow noopener noreferrer" target="_blank">Microsoft Entra ID Integration Settings.</a>

1. Client Id - The Application ID above
2. Client Secret - The Client credentials link should show one secret
3. Object Id
4. Tenant (Directory) Id
5. Redirect Uri: <a href="https://app.merge.dev/oauth/callback" rel="nofollow noopener noreferrer" target="_blank">https://app.merge.dev/oauth/callback</a>

1. Clicking Register will take you to a new page with important info to update and save.
 
2. If you have already set up your app registration you can navigate to this page via Azure Services -&gt; App Registration
 
 
 
3. Paste the information below into your <a href="https://app.merge.dev/integrations/hris" rel="nofollow noopener noreferrer" target="_blank">Microsoft Entra ID Integration Settings.</a> 
 1. Client Id - The Application ID above
 2. Client Secret - The Client credentials link should show one secret
 3. Object Id
 4. Tenant (Directory) Id
 5. Redirect Uri: <a href="https://app.merge.dev/oauth/callback" rel="nofollow noopener noreferrer" target="_blank">https://app.merge.dev/oauth/callback</a>

Step 3: Auto refreshing Entra credentials

To do this step you must be an application owner or admin.

Navigate back to Entra and in the App Registration page, click on API Permissions

Then enable Application.ReadWrite.All and Directory.ReadWrite.All.

1. Navigate back to Entra and in the App Registration page, click on API Permissions
 
2. Then enable Application.ReadWrite.All and Directory.ReadWrite.All.

Note: Merge will refresh your credentials automatically before it expires - the default expiration is 180 days from creation. This will prevent your Linked Accounts from disconnecting due to a expired client secret. The new description for the refreshed client secret will "Merge OAuth App Password" + &lt;timestamp of creation date&gt;.

Overview

Instructions

Step 1: Create web application and enable OAuth

Step 2: Saving web application values in Merge

Step 3: Auto refreshing Entra credentials