Contact Us

Entra ID Wi-Fi Authentication with RADIUS In Unifi Ubiquiti Networks

How to setup wifi authentication with Entra ID Microsoft 365 Identities in Unifi Wi-Fi WPA3 Enterprise
28 Jun 2025

How to Secure Your Unifi Wi-Fi WPA3 Enterprise with Entra ID Microsoft 365 Identities

Congratulations! You are planning on securing your network with WPA3 Enterprise and move to a more modern way of authenticating your users. Since you are already using Microsoft Identities, you probably would want to also use them for Wi-Fi authentication. This means that when your user gets created, it magically can connect to the network without the need for a shared key or a password and when the user leaves, they can no longer connect to the network. While Ubiquity has been on top of the game for a while, they have not implemented WPA3 Enterprise with Microsoft Identities (Entra ID) out of the box, but they do support RADIUS authentication which means that you can use a cloud RADIUS service to authenticate your users with Entra ID. As you will see in the video below, it is very easy to set up your network to authenticate users with Entra ID (with a few caveats, if you are using Apple devices, you have to install a wifi profile that can also be pushed through Intune since Apple devices default to an authentication method not supported by Entra ID).

What is The Best Way to Secure Your Unifi Wi-Fi WPA3 Enterprise in Ubiquiti Networks?

While username and password is a great step forward compared to a shared key, it is still not the most secure way to authenticate users and we know that in the zero-trust world, passwordless authentication is the way to go so if you are using an MDM such as Intune, JAMF, or ManageEngine, you can use it to distribute a certificate to your devices and then use a RADIUS service to authenticate the device or user using the certificate. This way you can have a secure network without the need for passwords or MFA. I know what you are thinking, “Now I have to also run a PKI, I was assigned this project and I just want to get it done. Not grow my infrastructure I have to manage”. This is where EZCA comes in, it is a cloud PKI that is fully managed and can be integrated with your MDM to distribute certificates to your devices. Below you can see a video on step by step how to set up your network with Intune, EZRADIUS, and EZCA in less than 30 minutes.



How Can I Learn More About Secure Wi-Fi Authentication in Ubiquity?

If you made it this far in the blog post, you are probably interested in learning more about how to secure your network with Entra ID and RADIUS. We have a few resources that can help you get started: our YouTube Channel has some great explanation videos, and even some funny videos about the IT world, our documentation has step-by-step guides on how to set up your network with Entra ID and RADIUS, and our blog has some great articles on how to secure your network with Entra ID and RADIUS. If you have any questions, feel free to schedule a call with one of our experts, they will be happy to help you get started securing your network.

You Might Also Want to Read