Local credentials
BenefitConnect needed to move from a legacy local authentication model to external identity provider authentication.
Case Study
Connexure BenefitConnect SSO
How Connexure modernized BenefitConnect authentication with Microsoft Entra ID, external identity providers, and client-configured MFA.
Our Client
Connexure had an existing application called BenefitConnect that used a legacy local authentication model. The goal was to modernize access and align the application with current security expectations from enterprise clients.
The Challenge
BenefitConnect needed modern external authentication inside an older enterprise application.
The application needed to move from local forms authentication to an external identity provider model, while continuing to work inside an established enterprise application and supporting clients that already enforced MFA through Microsoft Entra ID.
Older codebase
The application had to support Microsoft Entra ID and OpenID Connect inside older technology.
Client-managed MFA
MFA had to fit into client-managed identity policies rather than a separate custom flow.
User experience
The login experience needed to remain straightforward for end users.
The Solution
External identity for BenefitConnect
We replaced local login handling with external authentication using Microsoft Entra ID and OpenID Connect, adapting the implementation to fit the older application architecture.
Microsoft login
Redirected authentication to Microsoft’s login page for corporate credential-based access.
OpenID Connect
Integrated OpenID Connect into the existing application with custom implementation work.
Client-side MFA
Allowed MFA to run through the client-side Entra ID setup already in place.
Internal user validation
Connected external identity results with the platform's existing user model.
Business Outcomes
Security improved by eliminating internal password storage and shifting authentication to external identity providers.
Users could log in with their existing corporate Microsoft credentials, improving convenience and control.
The solution was successfully deployed for two major Connexure clients.
Need to modernize access without rewriting the platform?
We help teams add external identity, stronger security, and safer user flows even in older enterprise applications.
Book a consultation