You do not need to configure a client secret for secure authentication, but Microsoft Entra's audit logs and conditional access policy evaluation may show inaccurate location data for non-interactive sign-ins. To avoid this, you can configure a client secret by following the steps below.

Configure your app registration

Visit entra.microsoft.com.

Expand the Applications section in the menu on the left and select App registrations.

Choose the app registration you previously created.

Choose Authentication from the menu on the left.

Click the delete icon for the existing platform configuration.

Click Delete in the confirmation dialog.

Click the Add a platform button and then the Web button.

Enter https://identityprovider.red-gate.com/singlesignon/signin-oidc as the Redirect URI.

Click Configure.

Choose Certificates & secrets from the menu on the left.

Click the New client secret button.

Enter a description and then click the Add button.

Copy and retain your client secret value for a later step.

Configure SSO in the Redgate Portal

Navigate to the settings page and create a new configuration (or edit an existing one).

Enter the Authority URL from Entra as the Issuer URL and the Application (client) ID from Entra as the client_id.

Ignore the Entra information displayed below the Issuer URL.

Click the Optional section and enter the client secret you previously generated within Entra.

Click the Test without saving button.

You may be prompted to login.

If the test is successful click the Activate single sign-on button to apply these changes.