Azure Active Directory
Single Sign On - effortless entrance
Last updated
Single Sign On - effortless entrance
Last updated
Follow these steps to create and configure a Single Sign-On (SSO) integration with Microsoft Azure for the Dot application.
Go to the Azure portal and navigate to Azure Active Directory > App registrations.
Click on New registration.
Enter the name of the application, for example, Dot Azure SSO.
Under Supported account types, select the relevant option for your organization.
For the Redirect URI, input the URI provided by your Dot settings.
Once the application is registered, you will be redirected to the application's overview page.
Copy the Application (client) ID and Directory (tenant) ID and save it for later use.
In the application's menu, click on Certificates & secrets.
Click on New client secret.
Add a description for the secret and set an expiry as required.
Once created, copy the value of the client secret.
You can now see the newly created client secret listed.
Note the secret's value, as it will be used in the Dot application configuration.
With the Application (client) ID and Client Secret copied, navigate to your Dot settings.
Paste these values into the corresponding fields in the Dot Azure SSO settings.
The Metadata URL is essential for SSO operations. Construct it using your Azure tenant ID that you have got in step 3:
Format: https://login.microsoftonline.com/{tenant-id}/v2.0/.well-known/openid-configuration
Once you've completed the above steps:
Save the configuration in Dot.
Test the SSO integration to ensure that it's functioning correctly.
In Azure, go to the "Enterprise application" created for Dot authentication and on the left change to "Manage" -> "Users and Groups"
Press "Add user / group" and then add single users or groups that should be able to login
Then on the left change to "Manage" -> "Properties"
Activate "Assignment required" → Now only users directly assign to this application by user or group can use the SSO in Dot to login
