Integrating with Identity Providers (IDPs)
Identity Provider (IDP) integrations allow NordStellar to connect directly with your organization's identity management system, such as Okta, Microsoft Entra ID (formerly Azure AD), or Google Workspace.
By integrating your IDP, you enable the NordStellar platform to securely fetch an accurate, current list of your active employee email addresses, refreshed on every sync. This ensures that our security monitoring and breach alerts are always based on your current workforce, providing the most relevant and up-to-date protection.
Use Cases
Without an IDP integration, NordStellar identifies company-related emails through domain-based searches. While effective, this method can create "noise" by identifying emails of former employees. This can lead to:
- Irrelevant Alerts: Receiving breach notifications for individuals who are no longer with your organization.
- Data Inaccuracy: Your list of monitored employees can become outdated, making it difficult to focus on genuine threats to your active workforce.
By syncing directly with your IDP, you get a clean, precise, and current list of employees to monitor, eliminating noise and ensuring the accuracy of our security services.
Key Considerations and Restrictions
Before you begin, please take note of the following rules and behaviors associated with IDP integrations:
- One IDP per Project: You can only have one active IDP integration per project at any given time.
- Single Source of Truth: The platform treats your IDP as the single source of truth. During each sync, only users returned by the IDP are kept. For example, if the first sync on Day 1 returns 10 users, and a subsequent sync on Day 2 returns 9 users, the missing user (the 'delta user') will be deleted from the platform's user list. This deletion also includes all related events and any assets directly associated with that user.
- Daily Synchronization: The synchronization process runs automatically once every 24 hours.
- Enabling at Least One Source: If you disconnect your IDP and email autodiscovery is also off, your user list will be empty. At least one source must be enabled for continuous monitoring.
- Admin-Only Integration: Only users with "Organization Admin" permissions can set up or manage IDP integrations.
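The sync rules above are easiest to reason about as a reconciliation step, so here is an added illustration (not NordStellar's own code) that models the single-source-of-truth rule, the cascading removal of a delta user's events and assets, and the empty-list outcome when no source is enabled. The inputs (`idp_emails`, `autodiscovered`) and the sample addresses are hypothetical and constructed for the example.

```python
from dataclasses import dataclass, field


@dataclass
class MonitoredUser:
    """One monitored employee plus the records that hang off that user."""
    email: str
    events: list[str] = field(default_factory=list)  # breach events linked to the user
    assets: list[str] = field(default_factory=list)  # assets tied directly to the user


def reconcile(current, source_emails):
    """Single-source-of-truth rule: keep only users the source returned.

    Returns (kept, deleted). Users absent from the source are the 'delta users';
    their events and assets leave with them, which is why deleted entries are
    returned whole rather than as bare addresses.
    """
    # Assumption: addresses compare case-insensitively, ignoring stray whitespace.
    wanted = {e.strip().lower() for e in source_emails}
    kept, deleted = {}, {}
    for email, user in current.items():
        (kept if email in wanted else deleted)[email] = user
    for email in wanted - set(current):  # new joiners start with no history
        kept[email] = MonitoredUser(email)
    return kept, deleted


def sync(current, idp_emails=None, autodiscovered=None):
    """One scheduled sync. idp_emails=None models a disconnected IDP and
    autodiscovered=None models autodiscovery switched off (hypothetical inputs)."""
    if idp_emails is not None:
        source = idp_emails        # a connected IDP is the only source consulted
    elif autodiscovered is not None:
        source = autodiscovered    # domain-based discovery is the fallback
    else:
        source = []                # no source enabled: the user list empties out
    return reconcile(current, source)


def day_one_day_two():
    """The 10-then-9 example from the text, on constructed addresses."""
    day1 = [f"user{i}@example.com" for i in range(1, 11)]
    users, _ = sync({}, idp_emails=day1)
    users["user10@example.com"].events.append("breach-event-constructed")
    users["user10@example.com"].assets.append("asset-constructed")
    kept, deleted = sync(users, idp_emails=day1[:9])  # day 2: one account left the IDP
    return kept, deleted
```

Running `reconcile` against a fresh IDP export before the daily sync shows exactly which users, and how many attached events and assets, the next sync would remove, which is worth checking after any bulk change in the IDP or before disconnecting it.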
Provider-Specific Instructions
Please follow the detailed guide for the Identity Provider you wish to integrate.