Setup SSO with Microsoft Active Directory
This guide walks through enabling single sign-on (SSO), so your organization can access the emnify Portal using your Microsoft Business credentials.
- An Azure Subscription with an Active Directory license
- An emnify account using the same email address as the one used to sign in to Microsoft Azure
SSO with Microsoft
Log in to Azure and navigate to Azure Active Directory in the left sidebar.
At the top of the page, click + Add and then App Registration. From there:
- Give your app a Name (for example, "emnify").
- The Supported Account Types should be
Multitenant. This requests a consent screen on IDP verification in the Portal later.
- Set the Redirect URI to type
Webwith the value:
Navigate to Authentication in the left sidebar, and in the section Implicit grand and hybrid flows, enable
Access tokens and
Go to Token configuration in the left sidebar, click Add optional claim, and under SAML, enable the
Leave the option
Turn on the Microsoft Graph profile permission unchecked.
Head to API permissions in the left sidebar, click the existing permission entry Microsoft Graph (1) and confirm the
profile OpenID permissions.
Your configuration should look like this:
In the left sidebar, go to Expose an API, click Set, and then click Save.
After navigating to Certificates & Secrets in the left sidebar, click New client secret.
Copy the Value and save it to a secure location.
This value won't be shown again.
Choose an expiration date and mark your calendar to generate and configure a new secret before it expires.
Navigate to Overview in the sidebar and copy the Application (client) ID to use later in the emnify Portal.
Configure the emnify Portal
If you need SSO enabled for your account, contact support by selecting Upgrade. Otherwise, click Add under the Microsoft SSO provider.
Enter the Client ID and Client Secret with the values you copied earlier, then click Create and Activate.
The final step is to verify the provider. Click Verify Integration and follow the prompts.
You must complete the final step and verify the provider to configure SSO.
Refer to the Troubleshooting page if you encounter issues while setting up SSO.