Microsoft Entra

Visit entra.microsoft.com

Create an app registration

Expand the Applications section in the menu on the left and select App registrations.

Screenshot showing navigation to 'App registrations' in Entra

Click New registration on the App registrations page.

Screenshot showing 'New registration' button in Entra

Enter a name of your choice and choose as appropriate from the supported account types.

In the Redirect URI section choose Public client/native (mobile & desktop) and enter https://identityprovider.red-gate.com/singlesignon/signin-oidc

Then click Register.

Screenshot showing how to set the Redirect URI when registering an application in Entra

Choose Token configuration from the menu on the left and then click the Add optional claim button.

Screenshot showing adding an optional claim to the app's token configuration in Entra

Select ID as the Token type and then enable email in the table below.

Then click Add.

Screenshot showing selection of 'ID' as the Token type and the 'email' claim in Entra

In the popup dialog enable Turn on the Microsoft Graph email permission.

Then click Add.

Choose API permissions from the menu on the left.

Click the Grant admin consent for ... button.

Click the Yes button in the confirmation dialog.

Configure ssoadmin.red-gate.com

See the Single Sign-on documentation for further details.

Choose Overview from the menu on the left.

Copy the Application (client) ID value and paste it into ssoadmin.red-gate.com as the Client ID.

Screenshot showing the Application (client) ID from the app registration overview in Entra

Click the Endpoints button at the top of the page.

Screenshot showing the 'Endpoints' button under the app registration overview in Entra

Copy the Authority URL value and paste it in to ssoadmin.red-gate.com as the Issuer URL.

Screenshot showing the 'Authority URL' in Entra

Done

You can now continue within ssoadmin.red-gate.com and click Test Configuration to confirm the configuration is correct.

If Entra blocks your test stating You cannot access this right now you may need to configure a client secret.


Didn't find what you were looking for?