In order to setup the federation, we need the following 3 steps:
- Create an application registration in your Azure AD
- Create the federation in Smart Society. Based on the information collected in the previous step, we will create the federation on Smart Society.
- Acknowledge access by providing admin consent. We will share a link with you to finish the setup.
Create an application registration in your Azure AD
You will need to make sure that you are able to access the Microsoft Azure dashboard as an administrator which has the rights to create a new enterprise application.
You will need to record the following information:
Azure AD domain name : User Email Domains : Application ID : Secret Key value : Secret Key expiry date :
- Login to Azure portal, navigate to Azure Active Directory > Custom domain names
- Record the Azure AD domain name. This name should end with .onmicrosoft.com
- Record all email domains that your staff will use to identify themselves during an authentication session with us
Azure AD domain name : User Email Domains :
- Login to Azure portal, navigate to Azure Active Directory > App Registrations and click on New registration
- Under Register an applicationpanel
- Provide a Name for the application
- Select Accounts in this organizational directory only as supported account type
- Click Register
- Select the created application. Navigate to the Overview tab and record the Application ID
Application ID :
- Within the application,
- Navigate to the Branding tab
- Add the following URL as Home Page URL:
https://account.smart-society.io
- Click Save
- Within the application,
- Select the Authentication tab
- Add the following URLs as Redirect URIs:
https://smart-society.eu.auth0.com/login/callback https://login.smart-society.io/login/callback
- Click Save
Within the application.
- Select the Authentication tab
- Under Implicit grant section, select the ID tokens
- Click Save
- Within the Application,
- Select the Certificates & secrets tab
- Create a new client secret by specifying a key name and desired duration for the key. In order to prevent the federation to stop working when the key expires, we advise you to set expiry to Never.
- Copy the generated key to the clipboard before closing the panel. Record the key and expiry date:
Secret Key value : Secret Key expiry date :
- By now you should have collected all information as shown in the following list. Share that information with us.
Azure AD domain name : User Email Domains : Application ID : Secret Key value : Secret Key expiry date :
Create the federation in Smart Society
Once we have received your information, we will create the federation in the Smart Society platform. When that is done, we will share a URL with you for the last step.
Acknowledge access by providing admin consent
You will need to make sure that you are able to access the Microsoft Azure dashboard as a Global Admin to provide consent.
We will share an URL to provide the permission (consent) which then allows your users to log-in to the application. Launch the URL as a Global Admin. Click Accept to provide the consent. You will be prompted with a message as shown below which confirms the successful connection establishment.