Skip to main content

Configuring EmpowerID for Custom Security Attributes

Before using Microsoft Entra Custom Security Attributes in EmpowerID, ensure the following configuration requirements are met.

Microsoft Entra Account Store Configuration

A properly configured Microsoft Entra account store must be set up in EmpowerID. The account store should have the necessary permissions to manage Custom Security Attributes. Verify that the connection to Microsoft Entra ID is active and functioning.

Enabling the Custom Security Attributes Inventory Job

The Microsoft Entra Resource System in EmpowerID requires the Custom Security Attributes Inventory job to be enabled.

Resource System Jobs Configuration Additional Jobs per System configuration for Microsoft Entra Resource System

To enable the job:

  1. Navigate to the Microsoft Entra Resource System settings
  2. Access the "Additional Jobs per System" section
  3. Locate "Custom Security Attributes Inventory" in the job list
  4. Ensure the job is enabled (toggle switch is turned on)

This inventory job is crucial for:

  • Synchronizing Custom Security Attributes between Microsoft Entra ID and EmpowerID
  • Maintaining an up-to-date inventory of all attribute sets and their configurations
  • Ensuring proper attribute assignment tracking and management

Configuring the Assignment Inventory Parameter

The Microsoft Entra Resource System requires the assignment inventory parameter to be enabled.

Configuration Parameters Configuration Parameters for Microsoft Entra Resource System

To enable the parameter:

  1. Navigate to the Microsoft Entra Resource System settings
  2. Access the "Configuration Parameters" section
  3. Locate "EnableCustomSecurityAttributesAssignmentInventory"
  4. Verify the parameter value is set to "true"

This configuration parameter is essential for:

  • Enabling the assignment inventory tracking for Custom Security Attributes
  • Maintaining synchronization of attribute assignments between Microsoft Entra ID and EmpowerID
  • Ensuring proper management of attribute assignments across the system

Important Configuration Notes

Critical Settings
  • The Custom Security Attributes Inventory job must remain enabled for continuous synchronization
  • The EnableCustomSecurityAttributesAssignmentInventory parameter must be set to true
  • Disabling either of these settings will:
    • Prevent proper synchronization between Microsoft Entra ID and EmpowerID
    • Stop the tracking of new attribute assignments and changes
    • Affect the management and visibility of Custom Security Attributes in EmpowerID

Next Steps

After verifying these configuration requirements: