External authentication providers ASP.NET authentication Configure Azure AD app for user sync and SSO Set up the Learning Center to enable 365 authentication Set up an external login site Security in the cloud (Microsoft Azure) Map authentication between installations
5 min read

Configure Azure AD app for user sync and SSO

Last modified on one year ago

To add the Cursum Learning Center app to the App Launcher in Office 365:

  1. In your browser, in the top navigation bar, click the Office 365 App Launcher icon
  2. Click Admin and under Admin Centers, click Azure AD
  3. In the Azure Active Directory portal, click App registrations, New registration.


  4. Give your app a name and under Supported account types, choose who can use the application or access the API. To allow different organizations to use the site, you can choose from the remaining options. 
    Note: Usually, you should use Multitenant, but if company policy prefers a Single tenant, you can use it. 

  5. On the same page, specify that it is a Web and enter the URL for the sign-in page for example, https://companyname.com. Click Register.
    If the option 'Web' is not present in the installation, select Add platform.
  6. On the Overview page, copy the Application (client) ID and paste this into Notepad. You will need this when you are setting it up in the Learning Center. 

  7. On the Authentication page, under Redirect URLs, enter your sign-on URL, plus the following texts below:
    • /client
    • /admin/DomainAdmin/AzureADSyncAppConsent.aspx
    • /teams/auth/silent-end.aspx
    • /admin/DomainAdmin/AzureADGraphUserConsentLogin.aspx

     Example: https://www.yoursign-onurl.com/client

  8. And then click Save. (Make sure to check "Access tokens" and "ID Tokens")
  9. On the Certificates & secrets page, click New client secret to create a new app key then enter the description and duration for the key.
  10. Click Add. Make sure to copy the app key or value to your Notepad before leaving the page. You will need this key in the Learning Center settings.
  11. On the API permissions page, click Microsoft Graph, and under Delegated permissions, ensure that the following are selected:
    • Maintain access to data you have given it access to
    • Sign in and read user profile
    • View users’ email address
    • View users’ basic profile

  12. For Application permissions, make sure to select the following:
    • Read all groups
    • Read all users' full profiles
  13. Click Update permissions. Grant admin consent for all users in your directory. By granting admin consent, your end users will not be shown a consent screen when using the application.
    Your domain is now set up to grant your users access to the Learning Center. The next thing you need to do is to set up the Learning Center to enable Office 365 authentication.

  

Comments

No comment available