Integrating Single Sign-On (SSO) with your enterprise platform is a critical step in ensuring seamless access and enhanced security for your users. Microsoft Entra ID, formerly called Azure, is one of the leading identity and access management solutions, offers robust SSO capabilities.
At Goodworld, we've built our platform to seamlessly integrate with Microsoft Entra SSO, ensuring a smooth and secure user experience. Here are the best practices for using and configuring the Microsoft Azure integration.
1. Understand the Basics of Microsoft SSO
Before diving into the configuration, it’s essential to understand the fundamental concepts of Microsoft Entra ID SSO:
Entra Identity Directory (Entra ID): The cloud-based identity and access management service.
SSO: Allows users to sign in once and access multiple applications without having to re-authenticate.
OpenID Connect: Protocol used for the Entra ID SSO integrations.
2. Prepare Your Entra ID Environment
Set Up Your Entra ID Tenant: If you don't have an Entra ID tenant, create one through the Your Entra portal.
Add and Verify Domain: Ensure your domain is verified in Entra ID. This will be crucial for setting up SSO.
3. Register the Goodworld Application
Navigate to Entra ID: In the Entra ID portal
App Registrations: Click on "App registrations" and then "New registration."
Enter Application Details: Provide a name for the application (e.g., "Goodworld SSO"), and specify the supported account types.
Browse to Authentication
Under Platform configurations, select Add a platform.
In the pane that opens, select Web
Under Redirect URIs, add the redirect URI: https://api.cheerfulgiving.com/oauth/callback/microsoft_entra_id
Under Implicit grant and hybrid flows, select the ID tokens (used for implicit and hybrid flows) checkbox.
After your App Registration is created, under Client Credential create your Client secret.
Now copy your:
Application (client) ID
Directory (tenant) ID
Client secret (value)
4. Configure the Goodworld Platform
Access SSO Settings: In your Goodworld admin dashboard, navigate to the SSO configuration section.
Enter Entra ID Details: Provide the details you configured in Entra ID, such as the Client ID, Client Secret, and Tenant ID.
Enable SSO: Enable SSO and test the configuration to ensure users can log in using Entra ID.
NOTE: 4.1 Using “My Apps” portal
If using Entra ID’s “My Apps” portal, extra configurations must be set:
In Goodworld:
Enter a “Login Redirect URL”. This is where users will land when accessing Goodworld through the My Apps portal
2. Under “Fields to copy into Microsoft Entra ID”, copy the value of “Homepage URL”
In Entra ID:
In the app configuration, enter the value copied in the “Homepage URL” property.
5. Test the Integration
Perform Initial Tests: Have a test user log in to Goodworld using Entra ID SSO to verify the setup.
Troubleshoot Issues: Check for common issues such as incorrect claims or certificate errors and rectify them.
6. Monitor and Maintain
Regular Audits: Periodically review the SSO configuration and Entra ID settings to ensure they are up-to-date and secure.
User Management: Manage users in Entra ID to control access to the Goodworld platform effectively.
Security Practices: Enable features such as multi-factor authentication (MFA) for additional security.
7. Documentation and Support
Document the Configuration: Keep detailed records of your SSO configuration for future reference and troubleshooting.
Leverage Support: Utilize Goodworld and Microsoft Entra ID support resources for any integration challenges.
Conclusion
Integrating Microsoft Entra ID SSO with Goodworld can significantly enhance user experience and security. By following these best practices, you ensure a smooth setup and ongoing management of your SSO integration. Regular monitoring and updates will help maintain a secure and efficient authentication process, benefiting both administrators and users.
For more detailed guidance and support, feel free to schedule a chat with our success team.
Happy integrating!