This article highlights important considerations when managing an existing Entra ID SSO integration in Web Manuals. These points are especially relevant after initial setup and can help prevent unexpected disruptions to user synchronisation.
Once Entra ID SSO is configured and users are synchronized, Web Manuals maintains the connection using:
- The responsible Entra ID administrator account
- The selected Entra ID group
- The external IDs linking Entra ID users to Web Manuals users
Certain changes to this configuration can unintentionally disrupt synchronisation if not handled correctly.
Changing the Responsible Admin or Notify Email
If the responsible administrator account for the Entra ID connection is changed (for example, due to staff changes or account deactivation), this can result in:
- Entra ID groups disconnecting or disappearing in Web Manuals
- User synchronization failures
- Sync error notification emails being triggered
This behaviour can occur even if the SSO configuration otherwise appears correct.
Recommended Steps When Changing the Admin Account
If you need to change the administrator responsible for the Entra ID connection, we strongly recommend the following steps:
- System > Single Sign-On (SSO)
- Disconnect the existing Entra ID connection
- Reconnect Entra ID using the new administrator account
- Run a full user resynchronisation
This ensures that the connection is cleanly re-established and prevents group or sync issues.
Changing the Selected Entra ID Group
Only one Entra ID group can be selected for synchronization.
Please note:
- Changing the selected group and running a sync will inactivate all previously synced users who are not part of the newly selected group
- No user data is deleted, but access will be removed
Best practice:
Use a dedicated root Entra ID group for Web Manuals and manage access via sub-groups.
Sync Errors and Notification Emails
If you receive sync error emails:
- Check whether any recent changes were made to the Entra ID admin account or group structure
- Verify that the selected group still exists and is accessible
- Confirm that the Entra ID connection is active and synchronized
- Troubleshoot: Go to SSO > Configure > Select Entra ID group > Actions > Synchronize
If issues persist, disconnecting completely and reconnecting the Entra ID integration usually resolves the problem. Otherwise, reach out to support@webmanuals.aero.
Best Practices Summary
Avoid changing the Entra ID admin account without reconnecting the integration
Use a dedicated Entra ID root group for Web Manuals
After major Entra ID changes, perform a manual resync to confirm expected behaviour