Entra ID External Authentication Method for Mirket Integration

1. Create an Entra ID External Authentication Method Application in Mirket

The first step is to create an application within the Mirket Admin Portal for the Entra ID External Authentication Method.

1. Navigate to Configuration → Applications in the Mirket Admin interface.

2. Select Add New Application.

3. For Application Type, choose Entra ID External Authentication Method.

4. Leave all other settings at their default values, and proceed by clicking Next through the configuration steps.

5. Complete the wizard to create the application.

2. Create a New Application in Entra ID (App Registrations)

The next step is to create an application within Microsoft Entra ID under the App Registrations section.

1. In the Azure Portal, navigate to Microsoft Entra ID → App Registrations → New Registration.

2. Enter a name for the application and click Register to create it.

3. After the application is created, open it and go to the Redirect URIs section.

4. Click Add a platform and select Web.

5. In the field “Enter the redirect URI of the application”, paste the Authorization URL found in the Metadata section of the Entra ID External Authentication Method application you created earlier in the Mirket Admin Portal.

6. Under Implicit grant and hybrid flows, enable the following two options:

   • Access tokens (used for implicit flows)

   • ID tokens (used for implicit and hybrid flows)

7. Save the configuration.

3. Create a Group for Mirket-Based MFA Users

In this step, you will create a dedicated group in Entra ID for users who will authenticate using Mirket MFA.

1. In the Azure Portal, go to Microsoft Entra ID → Groups → New Group.

2. Create a new group that will represent users who should use Mirket as their MFA method.

3. Add all relevant users to this group.

4. Configure the External Authentication Method in Microsoft Entra ID

1. In the Azure Portal, navigate to Microsoft Entra ID → Authentication Methods.

2. Click Add external method.

3. Fill in the configuration fields as follows:

   • Name: Enter a descriptive name for the method.

   • Client ID: Paste the Client ID from the application you created in the Mirket Admin Portal (found under Client ID and Secret).

   • App ID: Enter the Application (Client) ID of the app you created in Step 2 in Entra ID.

   • Discovery Endpoint: Copy the Discovery Endpoint value from the Metadata section of the Entra ID External Authentication Method application in the Mirket Admin Portal.

1. Under Request admin consent, click Request Permission and grant the required permissions.

2. In the Include section, click Add → Target, choose Select Target, and select the group created in Step 3.

3. Enable the authentication method, then click Save to finalize the configuration.

5. Enable MFA for the User

The final step is to activate MFA for the user in Entra ID.

1. In the Azure Portal, navigate to Microsoft Entra ID → Users → Per-user MFA.

2. Locate the user who will authenticate using Mirket MFA.

3. Enable Multi-Factor Authentication for that user.

Once MFA is enabled, the user will begin using Mirket as their external authentication method during the MFA challenge flow.

User Experience Flow

After completing the configuration, users will encounter the Mirket authentication flow during sign-in.

1. The user enters their username and password on the standard Microsoft login page.

2. Once the primary authentication succeeds, Microsoft displays a popup informing the user that they will be redirected to the configured External Authentication Method.

3. The user clicks Continue, and is redirected to the Mirket Authentication Page.

4. The user completes the MFA challenge using Mirket.

1. Upon successful verification, the authentication process returns to Microsoft and access is granted.