SSO manual for Azure Active Directory

Step 1

Log in to https://portal.azure.com/ and go to “Azure Active Directory” in the sidebar. The sidebar may be folded/closed.

Stap_1.png

 

Step 2

Go to “App registrations” in the sidebar and click on “New registration”.

Stap_2.png

 

Step 3

Create a new registration. Complete the following fields:

  • Name: the application name that users will see. Enter “Dialog” here unless the application is internally known under a different name.
  • Supported account types: this is organization dependent and must be filled in yourself.
  • Redirect URI: the Dialog URLs that Azure AD allows. These are required for the SSO handshake. Enter “https://api.dialog.nl/api/sso/openidconnectcallback” here.

Save these changes.

Stap_3.1.png

Stap_3.2.png

 

Step 4

Go to the app registration for further setup. Additional Redirect URIs can be set under “Authentication”. 

Set the following uri's:

Stap_4.jpg

 

Step 5

Go to “Branding” and set the name, logo, home page url and privacy statement url. Save the changes.

Stap_5.png

 

Step 6

Go to “API permissions” and click on the button “Grant admin consent”. This gives the app registration permission to access profile information of the users. Make sure that the following permissions are added before granting admin consent: "openid", "profile" and "User.Read".

Stap_6.png

 

Step 7

Go to “Certificates & secrets” and create a secret. Once you create the secret, you receive a value. Save and send this value to us (see step 8).

Note: when creating a secret, you specify an end date until which the secret is valid. When this date expires, it will no longer be possible for employees to log into Dialog via Single Sign on.

Set a reminder for yourself to create a new secret one week before it expires. You can then share the new value with us so that we can apply it again in Dialog. This will prevent employees from being unable to log in again.

Step 8

Collect the following information with the available information from the app registration. Information such as the directory / tenant ID can be found on the overview of the app registration. Share this information with your contact within Dialog.

Category Answer
Tenant ID  
Client ID  
Client secret value  
Domain(s) e.g. dialog.nl / dialog-hr.nl

 

Was this article helpful?
0 out of 0 found this helpful