Skip to content

SSO in Entra ID

Configuring Entra ID as an external identity provider lets users sign in with their Microsoft work accounts. Authentication—including single sign-on, multi-factor authentication, and conditional access—is handled by Entra ID.

This approach centralises user management and streamlines onboarding.

Step 1: Download the SSO Configuration Details Form

Download the form and fill in the values as you progress through this guide. After completing all steps, send the form to SIDRA Support.

Download SSO Configuration Details Form

Step 2: Register SIDRA Floating Licence as a client application

In Microsoft Entra ID:

  1. Go to App registrations and create a new registration
  2. Enter the basic information:
    • Define a name for the client application
    • In Supported account types, select "Accounts in this organizational directory only"
    • In Redirect URI, select Web and enter: 
      https://licensing.sidrasolutions.com/user/oauth20/cb
  3. Register the client application
  4. Copy these values into the SSO Configuration Details Form:
    • Client Key (Application client ID)
    • Authorization token URL (OAuth 2.0 authorization endpoint v2)
    • Access token URL (OAuth 2.0 token endpoint v2)
    • Identity provider name id (Issuer)
  5. Go to Authentication settings and enter the front-channel logout URL: 
    https://licensing.sidrasolutions.com/user/oidc/idp-logout

Step 3: Create a client secret

  1. Go to Certificates & Secrets settings
  2. Add a new client secret:
    • Write a description
    • Select when the secret should expire

Important

Copy the secret value immediately — it will not appear later.

  1. Using a secure method such as onetimesecret.com, share this secret with SIDRA Support
  2. Paste the secure link into the SSO Configuration Details Form

Step 4: Add API permissions for OIDC scopes

  1. Go to API permission settings
  2. Add a new API permission:
    • Select Microsoft Graph
    • Select Delegated permissions
  3. Select these permissions:
    • email
    • openid
    • profile
  4. Click Add permissions
  5. Grant admin consent (required before proceeding)

Step 5: Send the form to SIDRA Support

Save the completed SSO Configuration Details Form and email it to SIDRA Support.

Step 6: SIDRA completes configuration

Upon receiving your completed form, SIDRA will complete the configuration on the licensing server.

We will notify you when this is done.

Restricting access to specific users (optional)

By default, all members of your organisation can access the app. To restrict access:

  1. Go to Applications > Enterprise Applications
  2. Find and open the newly registered app
  3. Under Properties, change Assignment Required to Yes
  4. Go to Users and Groups tab
  5. Assign access to specific users and groups