Azure AD SSO
This page describes setting up SSO using Azure Active Directory (AD).
Azure AD specific configurations
- Log in to the Azure Portal with the appropriate permissions
- Click or search for Azure Active Directory
- On the left panel, click App Registrations under the Manage header
- Click the + New Registration button to create a new application to leverage SSO
- Give the application a name (e.g. RegScale)
- Pick the Supported Account Type - this is typically set to "Accounts in this organizational directory only"
- Under Redirect URI, set the following:
  - Select Single-page application (SPA) from the pulldown
  - Enter the redirect URI - this should be your domain name plus the /login route (e.g. https://sandbox.regscale.com/login)
  - NOTE 1: The redirect must return to the RegScale login page for the round trip to succeed
  - NOTE 2: The redirect URL is case sensitive - all lower case is highly recommended
- Click the Register button to complete the application registration
- You should be redirected to a new Overview screen that contains three pieces of information that you will need to configure RegScale:
  - Application (client) ID
  - Directory (tenant) ID
  - Redirect URI (what you set up in the previous step)
  - NOTE: Copy these values to Notepad or another convenient place for future RegScale configuration
- The next step is to configure the attributes that AD will pass back to RegScale in the token.
- Click Token Configuration
- Click + Add Optional Claim
- Select ID as the token type
- Click the following checkboxes:
  - family_name - maps to RegScale Last Name
  - given_name - maps to RegScale First Name
  - email - maps to RegScale Email
- Click the Add button to complete this step. If prompted, turn on Microsoft Graph to allow some of these attributes to be read.
At this point, configuration in Azure AD is complete and RegScale must be configured using this information.
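Before moving on, the values copied from the Overview screen and the claims in a test ID token can be sanity-checked. The following is an added example, not RegScale or Microsoft code: the function names and sample values are hypothetical, and it assumes the standard `aud` and `tid` claims of an Azure AD ID token carry the client ID and tenant ID.

```python
import base64
import json
import re
from urllib.parse import urlsplit

GUID = re.compile(r"^[0-9a-f]{8}-(?:[0-9a-f]{4}-){3}[0-9a-f]{12}$", re.I)
OPTIONAL_CLAIMS = ("family_name", "given_name", "email")  # ticked under Token Configuration

def check_registration(client_id, tenant_id, redirect_uri):
    """Return problems found in the three values copied from the Overview screen."""
    problems = []
    if not GUID.match(client_id):
        problems.append("Application (client) ID is not a GUID")
    if not GUID.match(tenant_id):
        problems.append("Directory (tenant) ID is not a GUID")
    uri = urlsplit(redirect_uri)
    if uri.scheme != "https":  # the page's example uses https
        problems.append("redirect URI is not https")
    if uri.path.lower() != "/login":
        problems.append("redirect URI does not end at the /login route")
    if redirect_uri != redirect_uri.lower():  # the URI is matched case-sensitively
        problems.append("redirect URI is not all lower case")
    return problems

def decode_payload(id_token):
    """Decode the JWT payload for inspection only; the signature is NOT verified here."""
    payload = id_token.split(".")[1]
    return json.loads(base64.urlsafe_b64decode(payload + "=" * (-len(payload) % 4)))

def check_id_token(id_token, client_id, tenant_id):
    """Return problems with the claims Azure AD put in an ID token."""
    claims = decode_payload(id_token)
    problems = [f"missing claim: {c}" for c in OPTIONAL_CLAIMS if not claims.get(c)]
    if claims.get("aud") != client_id:
        problems.append("aud does not match the Application (client) ID")
    if claims.get("tid") != tenant_id:
        problems.append("tid does not match the Directory (tenant) ID")
    return problems

# Constructed sample values (not real identifiers); the token has no email claim.
CLIENT = "11111111-2222-3333-4444-555555555555"
TENANT = "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"

def _seg(obj):
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()

SAMPLE_TOKEN = ".".join([_seg({"alg": "RS256", "typ": "JWT"}),
    _seg({"aud": CLIENT, "tid": TENANT, "given_name": "Ada", "family_name": "Example"}),
    "constructed-signature"])

if __name__ == "__main__":
    print(check_registration(CLIENT, TENANT, "https://Sandbox.regscale.com/login"))
    print(check_id_token(SAMPLE_TOKEN, CLIENT, TENANT))
```

A missing email claim in a real token usually means the optional claim was not added for the ID token type.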
Updated 11 months ago