Officebooking supports integrations with Microsoft Entra ID to automatically provision users and manage access rights.
This allows organisations to centrally manage users and permissions in Entra ID, while Officebooking continuously synchronises this information to ensure accurate access control for room and asset booking.
This article explains the available integration models, how access rights are mapped, and which approach best fits your organisation.
Why integrate Entra ID with Officebooking?
An Entra ID integration enables you to:
- Automatically provision and deprovision users
- Keep user attributes up to date (e.g. department, authorisation status)
- Manage access rights centrally in Entra ID
- Ensure users can only book rooms and assets they are entitled to
- Reduce manual administration and prevent configuration drift
Supported integration models
Officebooking currently supports two Entra ID integration levels, depending on how advanced your access model needs to be.
1. Entra ID – Basic Integration
The basic integration focuses on user lifecycle management.
How it works
- Officebooking connects to Entra ID using default Microsoft Graph Integration
- User information is synchronised nightly
- Users are automatically enabled or disabled based on their Entra ID status
Data that is synchronised
- User profile information
- Department
- Account enabled / disabled state
Typical use cases
- Organisations that primarily need automatic user provisioning
- Environments where access to rooms is managed manually in Officebooking
- Smaller or less complex permission structures
2. Entra ID – Advanced Access Rights Integration
The advanced integration allows organisations to manage room and asset access entirely from Entra ID, using a structured group model.
This model is commonly used by larger organisations with strict access governance requirements.
Conceptual model
Entra ID structure
In Microsoft Entra ID, Administrative Units (AUs) and Groups serve different purposes:
- Administrative Units (AUs)
Used to scope administrative responsibility and structure large organisations. They allow access policies to be applied to specific subsets of users and resources. - Groups
Used to assign access to applications, resources, and permissions.
Example organisational setup
- All employees belong to a group that grants access to the Officebooking application
- Within that scope, Administrative Units represent organisational domains (e.g. departments or faculties)
- Within each AU, groups represent individual rooms or assets
- Membership of these groups determines who is allowed to book which room
Officebooking group model
Officebooking uses a group-based access model:
- User groups contain users
- Asset groups contain rooms or other bookable assets
- Access is based on the principle of most privilege:
- By default, users can access all assets
- Access is restricted by excluding users through asset groups
This model maps naturally to Entra ID group structures.
Pros and cons
Advantages
- No changes required to:
- Asset search
- Booking flow
- Entra ID remains the single place to manage permissions
- Fully automated access control
Considerations
- A large number of Entra-based groups may be created in Officebooking
- This can clutter user group and asset group overviews
- As a mitigation, Entra-managed groups can be hidden in the back office
Which integration should you choose?
| Scenario | Recommended integration |
|---|---|
| Basic user provisioning | Entra ID Basic |
| Centralised access control | Entra ID Advanced |
| Large organisations | Entra ID Advanced |
| Simple permission needs | Entra ID Basic |
Need help designing your integration?
Our team can help you:
- Choose the right integration model
- Design a scalable Entra ID group structure
- Configure secure Graph API access
- Validate and test access synchronisation
Contact Officebooking support to discuss your Entra ID integration requirements.