Submit a ticket My Tickets

Single sign-on (Azure AD)

Requirements

Before we can set up this integration, we’ll need you to register a new application in Azure AD.

The initial configuration of this app should be:

  • Supported account types: Single tenant
  • Redirect URI: Web - https://auth.eidosystems.com/login/callback

Example of app setup

Next, you’ll need to grant the application permissions to query the Microsoft Graph on the users behalf (delegated permission):

Note that the application requires administrator consent for the organisation

Delegated permissions to query the users group membership

Once this is complete, we’ll need you to create a client secret for the application:

Client secret value

Please make sure to make a note of the value as we will need it when setting up the connection.

Important: Please make sure to set a calendar event to renew this client secret prior to the expiration date you set! Failure to renew before expiration will result in users being unable to log in!

Permissions configuration

At this stage, application roles to determine whether an authenticated user is an administrator or standard user should be defined:

Application role setup

Users/groups can be assigned to this role in the “Enterprise Applications” blade for this application.

We will require the role ID’s for both standard and administrative access to the Inform Consent Suite dashboard.

Information to send to us

Once you’ve completed the setup above we will need:

  • Your primary Azure AD domain name
  • Any additional domains which will be authenticating with this service
  • Client ID of your Azure AD Enterprise Application
  • Client secret which you created (please note the expiry warning above in bold)
  • The role ID of both the user roles for admin vs. standard users

Did you find it helpful? Yes No

Send feedback
Sorry we couldn't be helpful. Help us improve this article with your feedback.