This guide walks you through connecting your Microsoft Entra Verified ID in Azure to Traceless. Once integrated, you can verify customers and teammates using Microsoft Verified ID, so they can prove their identity with a verifiable credential on their device (most commonly through Microsoft Authenticator).
Prerequisites
Before you begin, make sure you have:
An active Traceless account with organization administrator permissions
A Microsoft Entra ID tenant where Microsoft Entra Verified ID is set up and can issue credentials your users will present when asked to verify
Colleagues or customers who have already downloaded the credential your organization uses for employee or partner identification (your Microsoft admin can confirm the exact credential type and rollout)
Integration Process
Step 1: Navigate to the Connection Page
Log in to your Traceless account.
You should see “Connect Your Azure AD Tenant to Microsoft Verified ID” and a short explanation of how Verified ID works.
Step 2: Sign In to Microsoft
Click “Log in to your tenant.”
You will be taken to Microsoft to sign in with an administrator account for the tenant you want to connect.
Complete any consent steps Microsoft shows for Traceless to connect to your tenant.
Step 3: Return to Traceless
After you finish in Microsoft, you will be sent back to Traceless automatically.
Traceless finishes linking your tenant: it records which Microsoft organization you connected, which email domains are verified for that tenant, and the information needed to request and validate verifiable credentials on your behalf.
Step 4: Confirmation
You should see a message that Microsoft Verified ID is active, including the domains that are covered by this connection.
The integration is ready to use for verification flows your organization has enabled in Traceless.
What Happens Behind the Scenes
When you connect:
Secure link: Traceless associates your Traceless organization with your Microsoft tenant and verified domains so verification requests are scoped correctly.
Credential checks: When someone is asked to verify with Microsoft Verified ID, Traceless asks Microsoft to start a credential presentation. The person completes it on their device; Microsoft tells Traceless when the presentation succeeds.
Identity alignment: Traceless checks that the verified identity matches the person you intended to verify using the email on the credential to match the recipient of the verification.
Using the Integration
Once connected, you can:
Send identity verification that uses Microsoft Verified ID where your workflows support it
Rely on the same ticket and messaging updates as with other Traceless verification methods when a verification completes successfully
Troubleshooting
Errors right after signing in at Microsoft
The handoff back to Traceless can fail if the session was interrupted or if Microsoft could not complete authorization. Try starting again from Step 1. If it keeps failing, confirm with your Microsoft administrator that Verified ID is configured for your tenant and that the account you use can consent to the connection.
Verification never completes for a specific person
Common causes:
Their email domain is not among the domains tied to the Microsoft tenant you connected—connect the correct tenant or ask your Microsoft admin to add or verify the domain.
They do not yet have the required verifiable credential on their device—they may need to enroll per your organization’s Microsoft Verified ID rollout.
They presented a credential for a different email than the one used for the verification—ask them to use the expected work account or the address your team used when starting the check.
“This verification link is expired” (for the person opening a link)
That usually means the link is old, already used, or no longer valid. Start a new verification from Traceless or your integrated tool.
Additional Resources
Setup Instructions: Use the link on the Microsoft Verified ID connection card in Traceless for step-by-step help aligned with the product.
Knowledge Base: help.traceless.io
Support: Contact hello@traceless.com if you are stuck after trying the steps above.
Security Notes
Connection uses Microsoft’s standard sign-in and consent experience for enterprise applications.
Traceless only uses the access needed to operate Verified ID verification for your organization.
You should treat verification links like sensitive links: share them only with the intended recipient and through your normal secure channels.
Removing the Integration
If you need to disconnect Microsoft Verified ID from Traceless:
Go to your Traceless account integrations here: https://traceless.io/organization/integrations
Find the Microsoft Verified ID integration.
Click
deleteand confirm.
Note: You must be an organization administrator in Traceless to connect integrations. If you do not have those permissions, ask your Traceless organization administrator to connect Microsoft Verified ID or to grant you the appropriate access.