Documentation
incode.com
  1. Integrations Ecosystem
  2. IAM Integrations
  3. Microsoft Entra EAM

Configure Entra Self-Service to Redirect to Incode Verification

By default, Microsoft Entra's Forgot Password link on the sign-in page initiates Entra's native Self-Service Password Reset (SSPR) flow. This page covers how to redirect that link to the Incode Self-Service Portal instead, routing employees through biometric identity verification before they can reset their password or MFA credentials.

This is useful when you want Incode to be the gating mechanism for all password and MFA resets, rather than relying solely on Entra's native recovery options.

Prerequisites

Ensure you have the following before you begin:

  • A Microsoft Entra administrator account with permissions to manage company branding and SSPR settings
  • The Incode Self-Serve Portal integration configured and the portal URL available. See Self-Serve Portal.
  • The Microsoft Entra Directory Sync integration active so Incode can look up users by email. See Microsoft Entra Directory.

Set Up Redirect Forgot Password to Incode

Retrieve Your Self-Serve Portal URL

  1. Log in to Dashboard.
  2. In the left menu, click Integrations.
  3. Click the Custom tab and open your Self-Serve Portal integration.
  4. Copy the portal URL.

Configure a Custom SSPR Link in Microsoft Entra

  1. Log in to your Microsoft Entra Admin Center as an administrator.
  2. Go to User Settings or Company Branding, depending on your Entra configuration.
  3. Locate the Self-Service Password Reset or Custom Helpdesk Link setting.
  4. Paste your Incode Self-Serve Portal URL as the custom link.
  5. Click Save.

Once configured, users who click Forgot password on the Entra sign-in page will be redirected to the Incode Self-Serve Portal, where they complete biometric verification before resetting their credentials.