Chat now with support
Chat with Support

Starling Two-Factor Authentication Current - Administration Guide

Starling Two-Factor Authentication Getting started Collaborators Users Approvals Integrations Hardware Tokens Settings Downloads

Introduction to Integrations

The Integrations page of Starling Two-Factor Authentication is used for integrating Azure Active Directory with your Starling Two-Factor Authentication service. This allows for Azure Active Directory to take advantage of Starling Two-Factor Authentication's advanced two-factor authentication capabilities to further protect your resources.

Integrations page

The Integrations page is displayed when Integrations is clicked in the navigation bar. The Integrations page is used by Administrators and Primary Administrators to integrate Azure Active Directory with your Starling Two-Factor Authentication service.

The following options appear on this page:

My integrations

This section is blank until an Azure Active Directory integration has been configured. Once an integration is completed, the following options will appear after clicking the button on an Azure Active Directory tile:

  • View JSON: Selecting this option opens a dialog displaying the JSON data used when adding the integration. You can copy the JSON data from the dialog using the button. Click Close to close the dialog and return to the Integrations page.
  • Disconnect: Selecting this option opens a dialog explaining how to disconnect Azure Active Directory and Starling Two-Factor Authentication. For more information, see Disconnecting Azure Active Directory.
Available integrations

Click the Azure AD tile in this section to integrate Azure Active Directory with Starling Two-Factor Authentication. For more information, see Integrating Azure Active Directory.

Integrating Azure Active Directory

Follow these instructions in order to integrate Azure Active Directory with Starling Two-Factor Authentication.

To integrate Azure Active Directory with Starling Two-Factor Authentication

IMPORTANT: A subscription to a premium Azure Active Directory edition is required.

IMPORTANT: You must use an internal Privileged Role Administrator or internal Global Administrator Azure Active Directory account.

  1. On the Integrations page, click the Azure AD tile in the Available integrations section.
  2. In the Configure Azure AD integration dialog, click Grant permission.
  3. Sign in to your Azure Active Directory account. Once you have completed signing in you will be redirected back to Starling Two-Factor Authentication.
  4. Copy the JSON data from the Configure Azure AD integration dialog using the button.
  5. In a separate tab or window, open and log in to the Azure portal with the account used in step 3.
  6. In the Azure portal, click All services.
  7. Click Identity.
  8. Click Conditional Access.
  9. On the Conditional Access – Policies page, click Custom controls.
  10. On the Custom controls page, click the New custom control button.
  11. Paste the JSON data copied from Starling Two-Factor Authentication in the textbox.
  12. Click the Create button.
  13. Once you have completed the Azure Active Directory changes, return to Starling Two-Factor Authentication and click Continue in the Configure Azure AD integration dialog.
  14. In the Azure portal, click All services.
  15. Click Identity.
  16. Click Conditional Access.
  17. On the Conditional Access – Policies page, click the New policy button.
  18. In the Name field, enter a name for the policy.
  19. Click Users and groups.
  20. On the Users and groups page, assign any necessary users and groups to the policy.
  21. Click the Done button.
  22. Click Cloud apps or actions.
  23. On the Cloud apps or actions page, assign any necessary cloud applications to the policy.
  24. Click the Done button.
  25. Click Grant.
  26. On the Grant page, select Grant access.
  27. Select the check box for the 2FA custom control that was created using the JSON data.
  28. Click the Select button.
  29. Enable the policy by switching the toggle to On.
  30. Click the Create button.
  31. Return to Starling Two-Factor Authentication and click Complete in the Configure Azure AD integration dialog. The integration will be listed under the My integrations section of Starling Two-Factor Authentication, and the cloud applications assigned to the policy will begin prompting for two-factor authentication.

Disconnecting Azure Active Directory

Follow these instructions in order to disconnect Azure Active Directory from Starling Two-Factor Authentication.

To disconnect Azure Active Directory from Starling Two-Factor Authentication

IMPORTANT: A subscription to a premium Azure Active Directory edition is required.

IMPORTANT: You must use an internal Privileged Role Administrator or internal Global Administrator Azure Active Directory account associated with the instance being disconnected.

  1. On the Integrations page, click the button associated with the Azure AD tile being disconnected.
  2. Select Disconnect.
  3. In a separate tab or window, open the Azure portal and sign in to your account.
  4. In Azure Active Directory, click All services.
  5. Click Identity.
  6. Click Conditional Access.
  7. On the Conditional Access – Policies page, delete the Starling Two-Factor Authentication policy that is being disconnected.
  8. On the Conditional Access – Policies page, click Custom controls.
  9. On the Custom controls page, delete the custom control associated with Starling Two-Factor Authentication.
  10. Return to Starling Two-Factor Authentication and click Disconnect. The integration will no longer appear listed in the My integrations section.
Related Documents