Azure AD (Microsoft Entra ID) + Nectar Single Sign-On

Enable secure, seamless access to Nectar with Azure AD single sign-on authentication.

With Azure AD (Microsoft Entra ID) + Nectar, employees log in using their existing Microsoft credentials while IT maintains centralized control over access and security policies.

Overview

The Azure AD + Nectar Single Sign-On integration allows organizations to authenticate users through Microsoft Entra ID (formerly Azure Active Directory), simplifying login and strengthening security.

This integration is ideal for:

• IT teams managing identity and access through Microsoft
• Organizations standardizing on Microsoft 365
• Companies looking to reduce password fatigue
• Enterprises with strict security and compliance requirements

By enabling SSO with Azure AD, companies provide employees with secure, frictionless access to Nectar while maintaining centralized identity governance.

How It Works

Nectar integrates with Azure AD using standard SSO protocols to authenticate users securely.

What data syncs

Azure AD SSO focuses on authentication and identity verification rather than HR data sync.

Common identity attributes include:

• User email address
• Display name
• Unique user identifier (NameID)

Authentication method

The integration typically supports:

• SAML 2.0 single sign-on
• (If applicable) OAuth / OpenID Connect support

Login behavior

• Employees select “Log in with SSO” on Nectar
• Authentication is redirected to Azure AD
• Azure verifies identity and grants access to Nectar
• Access can be managed centrally via Azure security policies and conditional access

rules

Where users interact

Employees log in through Nectar’s SSO option. IT admins configure the integration inside Azure AD and Nectar’s SSO settings.

Key Features & Benefits

• Secure single sign-on through Microsoft Entra ID
• Centralized access management through Azure policies
• Reduced password fatigue and login friction
• Support for multi-factor authentication (MFA) via Azure
• Improved security posture with conditional access controls
• Faster employee onboarding with simplified system access

Setup & Implementation

Setting up Azure AD SSO with Nectar is straightforward for IT administrators.

High-level setup steps

1. Enable SSO in Nectar’s authentication settings
2. Add Nectar as an Enterprise Application in Azure AD
3. Configure SAML (or OIDC) settings
4. Exchange metadata (Entity ID, ACS URL, certificates)
5. Map required claims (email, NameID, etc.) 6. Test login and assign users or groups

Requirements

• Azure AD administrator access
• Nectar admin permissions
• SAML 2.0 (or OIDC) configuration capability

Estimated setup time: 30–60 minutes

IT involvement is typically required for configuration and testing.

For detailed instructions, visit the Help Center documentation.

Use Cases

• Allow employees to log into Nectar using Microsoft credentials
• Enforce MFA and conditional access policies for secure login
• Reduce IT support tickets related to password resets
• Simplify onboarding by granting access through Azure group assignment
• Centralize authentication management across business systems

Security & Compliance

The Azure AD + Nectar integration is built to support enterprise security standards.

It includes:

• SAML 2.0 or OIDC-based authentication
• Encrypted authentication assertions
• Support for Azure conditional access policies
• Role-based admin controls within Nectar
• Alignment with Nectar’s SOC 2 compliance standards (if applicable)

Only authorized administrators can configure or manage SSO settings.

Support & Resources

Helpful links:

• Azure AD SSO Help Center Article (link placeholder)
• Nectar Support Team: support@nectarhr.com
• Microsoft Entra ID Documentation (if approved for linking)