Single Sign-On and Microsoft Entra ID Directory Sync Are Now Live

Today we're shipping two features that change how teams get into UniAsset.

Google SSO, Microsoft SSO, and Microsoft Entra ID Directory Sync are now available.

The first two are available on every plan. The third is for Enterprise customers who want their company directory to run user management automatically — no manual invites, no stale accounts, no leaver risk.

The Problem These Solve

Every tool your team uses has its own login.

That means another password to create, another account to maintain, and another user list to keep accurate when someone joins, moves teams, or leaves the company.

For smaller teams, that's friction. For larger organizations, it's a genuine operational problem. When someone leaves and their UniAsset account isn't removed, that's a security gap. When a new hire joins and needs access, that's a ticket to IT. When your identity provider already knows exactly who should have access to what — but your tools don't talk to it — you're doing the same work twice.

These features close that gap.

Sign In With Google or Microsoft — Available on All Plans

Users can now sign in to UniAsset using their Google account or their Microsoft account (personal, work, or school).

This works for both new sign-ups and existing users.

If you're creating a new organization, you can register using Google or Microsoft — UniAsset will collect your organization name and country, then link your account to your provider. No separate password needed.

If you've been invited to join an existing organization, you can accept the invitation and complete setup using Google or Microsoft instead of creating a new password.

A few things worth knowing:

• Email verification is not required for SSO accounts. Your identity provider has already verified your email address.
• Password reset is not available for SSO-only accounts. If you sign in with Google or Microsoft, use those providers to manage your credentials.
• SSO is available on Free, Starter, Growth, and Enterprise plans.

For most teams, this is simply a faster, safer way to sign in. No password to forget. No separate credential to rotate.

Microsoft Entra ID Directory Sync — Enterprise

For organizations on the Enterprise plan, we've shipped something more substantial.

Microsoft Entra ID Directory Sync connects UniAsset directly to your company's Entra ID (formerly Azure Active Directory) tenant. Once connected, your directory becomes the single source of truth for who has access to UniAsset and what role they hold.

Here's what that means in practice.

Bulk User Import

When you connect your Entra ID tenant, you can pull your entire directory into UniAsset in a single operation. No CSV exports. No manual entry. Your users, from your directory, brought in automatically.

Group → Role Mapping

Most organizations already organize people into groups in Entra ID. Security groups, distribution lists, department groups.

With Group → Role Mapping, you can tell UniAsset: anyone in the Facilities Managers group should be a Manager in UniAsset. Anyone in Operations Viewers should be a Viewer.

UniAsset reads the user's group membership at sign-in and assigns the appropriate role automatically. If a user belongs to multiple mapped groups, the highest-privilege role wins. If their group membership changes in Entra, the change takes effect on their next login.

Auto-Provisioning

With auto-provisioning enabled, any user whose email matches your verified domain can sign in to UniAsset without needing an individual invitation.

They sign in with Microsoft, UniAsset confirms they're from your domain, and they're in — assigned the Employee role by default, or the role determined by their Entra group if mappings are configured.

This is the right choice for organizations that want low-friction onboarding without managing an invite list.

Nightly Auto-Deprovisioning

This is the one that matters most for security teams.

When someone leaves your organization and their Entra account is disabled, UniAsset doesn't know — unless you tell it manually. With auto-deprovisioning enabled, you don't need to.

Every night at 3am UTC, UniAsset checks the Entra account status of every Microsoft-linked user. Anyone whose Entra account has been disabled is automatically deactivated in UniAsset. They can't log in. Their assets and history are preserved. They can be reactivated manually from the Users page if needed.

For immediate action — if you can't wait for the overnight run — a Sync Now button triggers the check on demand.

This removes the most common source of lingering access: the departed employee whose accounts were cleaned up in the identity provider but not in every downstream tool.

Who This Is Built For

SSO is for every team that wants a simpler, more secure sign-in experience. If your organization uses Google Workspace or Microsoft 365, this is worth enabling today.

Entra ID Directory Sync is built for IT admins and operations managers at mid-to-large organizations where:

• Asset management spans multiple departments
• User lists change frequently as people join, move, and leave
• Security and compliance teams care about who has access to operational data
• Identity should be the single source of truth — not managed separately in every tool

If you manage UniAsset for a team of 50 or 500, keeping your user list accurate manually is work that shouldn't be necessary. Your directory already knows. Now UniAsset does too.

Security and Permissions

The Entra ID integration is scoped to read-only Graph API permissions: User.Read.All and Group.Read.All. UniAsset reads your directory — it does not write to it. OAuth tokens are encrypted at rest.

Connection is established through a standard Azure app consent flow that requires a Global Admin or equivalent in your Entra tenant.

Getting Started

For SSO — no configuration needed. The Google and Microsoft sign-in options are now live on the login page for all plans.

For Entra ID Directory Sync — go to Settings → Integrations → Microsoft Entra ID and follow the connection steps. You'll need an Azure account with admin consent rights and an active Enterprise subscription.

Full setup documentation is in the knowledge base:

• Signing in with Google or Microsoft
• Connecting Microsoft Entra ID
• Auto-Provisioning Users from Entra ID
• Group to Role Mapping
• Auto-Deprovisioning Leavers via Entra ID

On a plan that doesn't include Entra ID? Contact our sales team to discuss the Enterprise plan. SSO is available today on all plans — no upgrade needed.