Azure AD SSO
This page describes setting up SSO using Azure Active Directory (AD).
Azure AD specific configurations
- Log into the Azure Portal with the appropriate permissions
- Click or search for
Azure Active Directory - On the left panel, click
App Registrationsunder the Manage header - Click the
+ New Registrationbutton to create a new application to leverage SSO - Give the application a name (i.e. RegScale)
- Pick the
Supported Account Type- this is typically set to "Accounts in this organizational directory only" - Under
Redirect URI, set the following:- Select
Single-page application (SPA)from the pulldown - Enter the redirect URI - this should be your domain name plus the /login route (i.e. https://sandbox.regscale.com/login); NOTE 1: The redirect must return to the RegScale login page for the round trip to succeed; NOTE : Redirect URL is case sensitive - highly recommend all lower case
- Select
- Click the
Registerbutton to complete the application registration - You should be redirected to a new
Overviewscreen that contains three pieces of information that you will need to configure RegScale:- Application (client) ID
- Directory (tenant) ID
- Redirect URI (what you setup in the previous step)
- NOTE: Copy these values to Notepad or another convenient place for future RegScale configuration
- The next step is to configure the attributes that AD will pass back to RegScale in the token.
- Click
Token Configuration - Click
+ Add Optional Claim - Select
IDas the token type - Click the following checkboxes:
- family_name - maps to RegScale Last Name
- given_name - maps to RegScale First Name
- email - maps to RegScale Email
- Click
Addbutton to complete this step. If prompted, turn on Microsoft Graph to allow some of these attributes to be read.
At this point, configuration in Azure AD is complete and RegScale must be configured using this information.
Updated 6 months ago