Xakia supports Federated Identity (also known as Single Sign-On) through Microsoft Entra ID via the Open Id Connect (OIDC) protocol.
The Entra ID SSO App in Xakia allows you to provision users in Xakia from Entra ID through a periodic sync job maintained by Xakia. This sync job runs daily but can also be triggered manually as needed.
You will need:
Company Admin or Location Admin access in Xakia
Global Administrator access in Entra ID (if you do not have Global Administrator access in Entra ID, you may need to temporarily add a Entra ID Global Administrator as a Location Admin user in your Xakia location)
A Xakia Support Account is highly recommended to ensure that Xakia Support are able to quickly assist if required during the transition.
To set up the Entra ID SSO App:
Add the App in Xakia
Navigate to 'Admin' > 'Apps'. If 'Apps' is not available, contact Xakia Support and we can enable it for you.
Locate the Entra ID App in the 'Available Apps' section, and click 'Install'. If Entra ID is not available, contact Xakia Support and we can enable it for you.
Click the 'Configure' button to begin configuring the Entra ID App.
Granting Permissions:
Make sure there is an Entra ID Global Administrator authorize the Xakia application. If you are an Entra ID Global Administrator you can click the 'Get the App' button under the 'Grant Permissions' heading to authorize the Xakia application. Otherwise you will need to temporarily add your Entra ID Global Administrator to this Xakia location and have them authorize the Xakia Application in Entra ID.
Once 'Get the App' is clicked you will be taken to Microsoft Entra ID.
Sign in to Microsoft Entra ID as an Entra ID Global Administrator
Review and accept the permissions requested for your organization.
After completing these steps, Xakia will automatically populate the following fields:
Tenant ID
Consent Granted by (person who provided consent)
Consent Granted on (date of acceptance in UTC)
User Sign In
By default Xakia will take the User Principal Name (UPN) of a user as the users email address in Xakia.
If your users UPNs in Entra are not the same as their primary email address, you will need to change the Username Claim setting to "Email".
User Provisioning
Create a new Security group in Entra ID. This can be done via the Azure Portal or the Microsoft 365 Admin Center. Note that only Security groups are supported. Microsoft 365 groups are not supported.
Add desired Xakia users to this group in Entra.
Enter the group's name as the 'User Sync Group' in the Xakia Entra ID App configuration page.
Click the 'Sync Users Now' button to trigger an immediate sync - This can take up to 5 minutes to complete.
Provisioned users will be displayed on the Xakia Entra ID App configuration page. You can also verify that users have been provisioned by reviewing the Users list in Admin.
Note: The sync process happens automatically every day to ensure that users' details are kept up to date in Xakia. You can also manually sync users by clicking 'Sync Users Now,' e.g., when new users have been added or if users have been removed.
What happens when a user sync occurs?
New users in the sync group are added to Xakia that do not have Xakia accounts are added to Xakia. Please note: new users are given the default Role of Mid-Level Lawyer and the default Access of My Matters.
Deactivated Xakia accounts are reactivated if users are in the sync group
Users removed from the sync group are deactivated in Xakia
Updated email addresses, first names, and last names are reflected in Xakia
Important note! When Entra ID is synced with Xakia, it serves as the source of truth for managing users. Therefore, when removing users or changing users' details, it is best to do this in Entra ID. If such changes are made directly in Xakia, a user sync from Entra ID will likely undo your changes.
Once users have been synced with Microsoft Entra (this may take a few minutes), they will be visible in Xakia:
Navigate to 'Admin' > 'Users'
Use the filter on the top right to select 'All Users'
Send invitations to new users.
Users will receive an invitation email which contains further instructions on completing their registration.
The users will receive and email and will need to complete the following:
Click the link
Accept the Privacy Policy
Click Register
Note: Once registered, the users will only need to enter their username (e.g., email address) to access Xakia; no password is required.