Yes, it is possible to work with domains and subdomains when integrating SMARTFENSE with Microsoft Entra ID. The selection will depend on which users you want to import.
How domains and subdomains work
In Microsoft Entra ID, a primary domain can contain multiple subdomains.
For example:
- Primary (parent) domain:
empresa.com - Subdomains:
ventas.empresa.com,soporte.empresa.com
It is also possible that the primary domain is:
*.onmicrosoft.com, depending on the tenant configuration
Which domain is best to use?
When configuring the integration, it is important to define:
- Whether the root domain will be used
- Or a specific subdomain
This decision depends on:
- The users you want to import
- How users are organized in Microsoft Entra ID
For example:
- If users belong to different subdomains → it is recommended to use the root domain
- If you want to import a specific group → a subdomain can be used
Where is it configured in the platform?
The configuration is done from:
Users and Groups > Import and Synchronization > From Microsoft Entra ID
From there you can define the integration and user synchronization parameters.
Behavior in SMARTFENSE
The integration with Microsoft Entra ID:
- Allows authenticating and synchronizing users from different domains and subdomains
- Works in a unified way within the same tenant
- Does not require additional configurations for each subdomain
Considerations
- Behavior depends on the tenant configuration in Microsoft Entra ID
- The choice of domain directly impacts the imported users
- This scenario is common and supported on the platform
💡 Best practices
- Define beforehand which users you want to import
- Validate the domain structure in Microsoft Entra ID
- Perform tests with different domains before the final implementation