Arkose on Microsoft Entra - Integration Setup

Overview

Microsoft Entra partners with Arkose Labs to deliver comprehensive protection against malicious online activities, securing account registration process. This integrated approach ensures that Arkose Labs filters out fraudulent and automated traffic before it can interact with your applications, while Microsoft Entra handles the secure authentication of legitimate users. When suspicious activity is detected, users encounter Arkose Labs' challenge mechanisms that effectively thwart both automated bots and coordinated human attack networks. These security measures are designed to preserve user experience by only activating during suspicious circumstances, ensuring minimal disruption to genuine authentication workflows.

The Challenge

  • Digital platforms face relentless attacks from cybercriminals seeking to create fraudulent profiles for malicious activities including financial fraud, spam campaigns, and platform abuse.
  • Attack methodologies continue to evolve in sophistication, prompting organizations across industries to seek advanced defensive solutions for their security arsenals.
  • Modern enterprises must strike a delicate balance between implementing robust security protocols and maintaining frictionless experiences for legitimate users.

How the Integration Works

  • Arkose Labs acts as the first line of defense. It analyzes incoming traffic patterns using advanced telemetry to identify suspicious behavior.
  • When threats are detected, the system deploys targeted challenges. These puzzles are simple for real users but impossible for bots to solve efficiently.
  • Legitimate users pass through to Microsoft Entra seamlessly. The identity platform then handles secure authentication and access verification.

Advanced Threat Protection

  • Modern attacks use both automated bots and coordinated human networks. Traditional security measures often fail against these evolving tactics.
  • The Arkose Labs solution specifically targets scalability weaknesses in attack operations. Fraudsters cannot economically solve challenges across large-scale campaigns.
  • Microsoft Entra provides the authentication backbone. It ensures verified users receive appropriate access rights and permissions.

User Experience Benefits

  • Security challenges only appear during suspicious activity. Most legitimate users never encounter additional authentication steps.
  • The integration operates within existing Microsoft Entra authentication flows. No reverse proxies or additional infrastructure requirements are needed.
  • Organizations can deploy this protection across multiple platforms. Mobile apps and websites receive consistent security coverage without configuration changes.

Fraud Prevention Capabilities

  • The system effectively prevents fake account creation used for spam and abuse.
  • Real users experience minimal friction during normal login processes. Enhanced security operates transparently in the background.
  • Arkose Labs guarantees their challenges remain unsolvable at scale. This commitment is backed by independent service level agreements.

How to Configure

Step 1: Creating an Arkose account

  1. Load Arkose Bot Manager website: Arkose Bot Manager.
  2. Click Talk To Our Experts button contact and register an Arkose Bot Manager account.
  3. Login to Arkose Command Center to obtain the following details.
    • Public key
    • Private key

Step 2: Creating a Service Integration

  1. Log in to your Microsoft Entra account.

  2. Navigate and select the Service Integrations section in the side navigation panel.

  3. After the page loads, click Get started button in the Sign-up protection (Preview) section.

  4. Provide a name for the policy in the Policy Setup page, ensure that Fraud protection at sign-up is selected and then select Next.

  5. Select Arkose Labs in the Sign-up provider screen and then select Next.

  6. In the Sign-up provider configuration page, select Create new in the Configure Arkose fraud protection step.

  7. Add the following parameters for the Arkose Bot Manager configuration and select Next.

    VariableDescriptionSample
    Configuration nameA configuration nameArkose Config for Sign-up page
    Public keyArkose public key obtained through Arkose Command CenterXXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
    Private keyArkose private key obtained through Arkose Command CenterXXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
    Client SubdomainA customer specific subdomain to use for the verify call. For example companyname-api<companyname>-api
    Verify SubdomainA customer specific subdomain to use for the verify call. For example companyname-verify<companyname>-verify
  8. In the Apps to protect page, select the App(s) you want Arkose Bot Manager to protect and then select Next.

  9. Confirm that the protection policy configured is correct in the Summary and completion page, and select Create Policy to complete the step.

Step 3: Validate Arkose Bot Manager protection in application Quickstart

  1. Navigate and select the App registrations section in the side navigation panel.
  2. In the App registrations page, select the application you had configured for the Arkose Fraud Protection policy in the list.
  3. In the application details page, navigate and select Quickstart section.
  4. Customize the sign up experience by following the steps on the page and try out the sign up page with Arkose Bot Manager protection.
  5. Confirm and complete the steps.