Skip to main content
All CollectionsAdministering CloudVisManaging your organisation's settings
How do I set up SSO with Microsoft Azure?
How do I set up SSO with Microsoft Azure?

This guide details the steps required to configure Microsoft Azure to allow your users to login using their Microsoft account.

Updated over a week ago

Prerequisites

  1. A Microsoft Azure AD Tenant where you have permission to create application registrations.

  2. You must be able to log into the web app as an Administrator.

Setup

  1. Log into the Azure Web Portal (Microsoft Azure )

  2. Make sure you have the right Tenant selected:

    1. Look at the top right of the screen and the Tenant name is displayed under your email address (shown in red below).

    2. If the wrong one is selected click your profile picture and select Switch directory.

  3. Use the search bar at the top of the screen to find the App registrations section.

  4. Select New registration.

  5. Enter a suitable name for the application name.

  6. Choose the support account types that best suits your needs. The default Accounts in this organizational directory only is generally acceptable unless you have multiple AD domains.

  7. Obtain your Platform URL by logging into the web app, and copying the first two parts of the URL from your address bar. For example, your address bar may show:
    https://www.url.com/eu1/#/notifications

    This makes your platform URL:
    https://www.url.com/eu1

  8. Under Redirect URI:

    1. Select the platform dropdown and select Web

    2. Set the URL to [Platform URL]/ssoCallback
      (e.g. https://www.url.com/eu1/ssoCallback )

  9. Click the Register button.

  10. Select Certificates & secrets from the left-hand menu, the Client secrets tab then New client secret:

    1. The description is not important - enter a name of your choosing

    2. Set the Expires in accordance with your cyber security policy.
      Note: If you select a short period you will need to set a reminder to generate a new secret and update your SSO settings before the existing one expires.

  11. After the application is added the portal will display a Value and Secret ID. You do not need to use the Secret ID but the Value will be the SSO secret and you must take a note of this.
    Important: The portal will only show the secret value once so you will need to make a note of it before browsing away from this page.

  12. Select Overview from the left-hand menu:

    1. Make a note of your Application (client) ID - this will be your "Client ID" field you will need in a later step.

    2. Select Endpoints and make a note of your OpenID Connect metadata document URL.

  13. Log into the web app as an Administrator.

  14. Select Global Settings then the Change button next to Single Sign-On (SSO).

  15. Check Enable Single Sign-On and enter the details you note from the Azure portal:

    1. OpenID Connect metadata URL: Enter the URL you saved in Step 12a.

    2. Client ID: Enter the Application (client) ID you saved in Step 12b.

    3. Secret: Enter the Secret ID you saved in Step 11.

After saving your settings you should now be able to create a new user with an SSO account.

It is recommended to create a new test account that matches an e-mail address that is attached to an account within your Azure users.

Related Articles
How do I set up my user account?
How do I reset my password?
How do I configure Single Sign-On (SSO) for my organisation's user accounts?
How do I set up SSO with Google Cloud?
How do I set up SSO with Okta?
Did this answer your question?