Microsoft Entra Verified ID is a decentralized id resolution that enables your customers to simply confirm their id on-line. It may be used with on-line companies and purposes that must confirm the id of your customers earlier than offering entry, like HR or Helpdesk techniques for instance.
Verified ID additionally permits you to securely onboard distant working customers by utilizing an IDV companion for the id verification and proofing service.
On this article, we’re going to configure Microsoft Entra Verified ID, learn to challenge a verifiable credential and I’ll present some examples of the way to use it.
Necessities
Microsoft Entra Verified ID can be utilized with all Microsoft Entra plans, together with the free plan. To configure it, you’ll need to have international administrator or authentication coverage administrator permission.
Additionally, you’ll need to have a customized area registered in Microsoft Entra to make use of the fast setup technique. In any other case, you’ll need to make use of the superior setup technique.
Establishing Microsoft Entra Verified ID
To arrange Verified ID we’re going to use the Fast Setup. The benefit of the fast setup technique is that you simply don’t must deploy an Azure Key Vault. As a substitute, we shall be utilizing a shared signing key that’s managed by Microsoft.
When you’ve got a customized area registered in Microsoft Entra, then you will notice the choice Get Began underneath Verified ID
- Open Microsoft Entra and click on on Get Began underneath Verified ID
- Click on once more on Get Began
- Choose the area that you simply wish to use
It takes a second to arrange your verified ID account. As soon as the method is accomplished you will notice the default workspace credential.
When you’ve got configured branding in your Microsoft 365 tenant, then the fashion will mechanically be utilized to your credentials card. You may change the fashion, by merely clicking on Edit Model under the Card.
You may’t change a lot concerning the fashion, solely the background coloration, emblem, and textual content coloration.
Configure Customers or Teams
By default, the verified worker card can be utilized by all workers in your tenant. You may change to a specific group of customers solely if you would like.
- Click on on Credentials
- Select the Verified Worker credential
- Go to Concern a credential
- Change who can retrieve a credential to Permit customers from chosen teams solely
- Choose the group(s) that you simply wish to give entry.
Revoke an issued Verifiable Credential
In some circumstances, you’ll need to revoke an issued verified ID, for instance when an worker is now not energetic, or when a pupil leaves the college.
To revoke a verified ID, you’ll need to go to the verified credential and select Revoke a credential. Right here you may seek for the credential that you simply wish to revoke. Necessary to notice right here is that you will want to look on the precise id.
The explanation for that is that solely the hash of the listed declare is saved, what you enter within the search field can also be hashed utilizing the identical algorithm.
Testing the Verified Worker Credential
With the credentials created for verified workers, we will now create your individual verified credentials and take a look at out the implementation on a demo website from Microsoft.
Step one is to get your individual Verified ID. We will do that on the MyAccount web page. Your customers can even be capable to use the tactic under to get their Verified ID. You have to to have the Microsoft Authenticator app put in in your cell phone.
- Open myaccount.microsoft.com
- Click on on Get my Verified ID
- Scan the QR Code with the Microsoft Authenticator app (select Work or Faculty account)
After you could have scanned the QR code within the authenticator app, you will notice the Verified Id in your app. Once you click on on the ID, you may see all the main points and all actions associated to the ID.
Testing your Verified ID
Microsoft has created a few instance purposes that you need to use to check out the verified ID or for instance of the way to implement it in your individual enterprise purposes. You too can use this demo vendor web site from Microsoft to authenticate along with your Verified ID.
There’s additionally an internet instance accessible the place you begin with onboarding at an organization and as soon as authenticated can “order” your system at a demo vendor web site. This instance reveals how a distant employee will be onboarded at your organization with out going into the workplace.
For the verification course of, an IDV companion is used. These companions can do the id verification, usually primarily based on a selfie and a replica of a government-issued ID. The verified ID of the IDV Associate can then be used to create a verified ID in your individual tenant (within the Woodgrove instance tenant on this case)
You may check out all of the steps within the course of your self. The True Id supplier can also be a demo supplier, simply click on subsequent, you don’t must add an precise passport or driver’s license to proceed.
Utilizing Face Examine
Microsoft not too long ago added Face Examine to the Verified ID platform. Face Examine permits firms so as to add an additional safety layer within the verification course of, by matching a selfie of the consumer with a profile image.
Azure AI companies are used for the facial matching course of, and essential to notice right here is that solely the match result’s shared and never the precise selfie. This fashion the privateness of the consumer is protected.
To make use of Face Examine, you’ll need to ensure that a profile image of the consumer is uploaded of the consumer. The consumer can do this themself on the MyAccount web page, or the administrator also can add the profile image within the Microsoft 365 admin Middle.
The requirement to make use of the Face Examine must be configured within the app that’s requesting the verified ID. Examine the documentation for extra info on the way to configure it.
LinkedIn Worker Verification
Verified ID will also be used to confirm your workplace on LinkedIn. The verification permits members and organizations to simply verify that the individuals they collaborate with are genuine and really their work affiliations on their profiles are correct.
Place of business verification on LinkedIn is at the moment in public evaluate and solely accessible for organizations with greater than 10.000 workers.
You may learn extra about LinkedIn Worker Verification in this text.
Wrapping Up
Microsoft Entra Verified ID is a superb resolution when that you must confirm the id of your workers in third-party purposes that assist decentralized id. You need to use a REST API to challenge and confirm credentials which makes it simple to implement in your utility.
Just remember to check out the end-to-end demo that Microsoft has created to see the total potential of Verified ID.
I hope you appreciated this text, when you’ve got any questions, simply drop a remark under!
