Step 1
Log in to https://portal.azure.com/ and go to “Azure Active Directory” in the sidebar. The sidebar may be folded/closed.
Step 2
Go to “App registrations” in the sidebar and click on “New registration”.
Step 3
Create a new registration. Complete the following fields:
- Name: the application name that users will see. Enter “Dialog” here unless the application is internally known under a different name.
- Supported account types: this is organization dependent and must be filled in yourself.
- Redirect URI: the Dialog URLs that Azure AD allows. These are required for the SSO handshake. Enter “https://api.dialog.nl/api/sso/openidconnectcallback” here.
Save these changes.
Step 4
Go to the app registration for further setup. Additional Redirect URIs can be set under “Authentication”.
Set the following uri's:
- https://api.dialog.nl/api/sso/openidconnectcallback
- https://acceptance-api.dialog.nl/api/sso/openidconnectcallback
Step 5
Go to “Branding” and set the name, logo, home page url and privacy statement url. Save the changes.
Step 6
Go to “API permissions” and click on the button “Grant admin consent”. This gives the app registration permission to access profile information of the users. Make sure that the following permissions are added before granting admin consent: "openid", "profile" and "User.Read".
Step 7
Go to “Certificates & secrets” and create a secret. Once you create the secret, you receive a value. Save and send this value to us (see step 8).
Note: when creating a secret, you specify an end date until which the secret is valid. When this date expires, it will no longer be possible for employees to log into Dialog via Single Sign on.
Set a reminder for yourself to create a new secret one week before it expires. You can then share the new value with us so that we can apply it again in Dialog. This will prevent employees from being unable to log in again.
Step 8
Collect the following information with the available information from the app registration. Information such as the directory / tenant ID can be found on the overview of the app registration. Share this information with your contact within Dialog.
Category | Answer |
Tenant ID | |
Client ID | |
Client secret value | |
Domain(s) | e.g. dialog.nl / dialog-hr.nl |