Please follow these steps to set up Microsoft Azure Active Directory as the single sign-on (SSO) provider for your Aware environment and users. Aware must be registered through the Microsoft Azure Management portal.
The customer will need to provide the following information to Aware in order to complete the SSO integration:
- Application (Client) ID
- Client Secret
- AAD Domain
1. Register Aware in Azure Active Directory: Complete the steps required for adding Aware to the customer's Azure Active Directory.
2. Log in to your Azure Management Portal.
3. Go to Azure Active Directory > App registrations > New registration.
4. In the Register an application form, enter:
- Name: Aware
- Supported account types: Accounts in this organizational directory only
- Redirect URI: https://wiretap-prod.auth0.com/login/callback
5. You will now be on the Overview page for the Aware app. Copy the Application (Client) ID.
6. Go to API Permissions > Add a permission > Microsoft Graph
7. Select Delegated permissions
8. Expand Directory > check Directory.Read.All permission > Update permissions
9. Click Grant admin consent for Azure Tenant
10. Verify that the new permission has been granted.
11. Configure Secret: Go to Certificates & secrets > New client secret
12. In the Add a client secret window, enter:
- Name: Aware Azure AD Key
- Expires: Never (recommended)
13. Click Add > Copy Secret value.
Hint: Make sure to copy the value of this secret before leaving this screen; otherwise you may need to create a new key.
It is recommended NOT to set an expiration period for the client secret, to avoid a service interruption. The customer can update the secret for the Aware app in Azure Active Directory at any time; please contact your Aware customer success manager to make sure Aware is configured with the updated secret.
14. Please contact your Customer Success Manager with the following information:
- Application (Client) ID
- Client Secret
- AAD Domain
You will be notified shortly, once the SSO for your Aware tenant is configured with the information provided.
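To check the finished registration against steps 4 to 12, the following added example (not Aware's or Microsoft's code) audits an application object exported with `az ad app show --id <app-id>`. The sample JSON is constructed, and the Directory.Read.All scope id is an assumption to confirm in your tenant.

```python
import json
from datetime import datetime, timezone

GRAPH = "00000003-0000-0000-c000-000000000000"  # Microsoft Graph resource appId
DIR_READ_ALL = "06da0dbc-49e2-44d2-8312-53f166ab848a"  # delegated Directory.Read.All (assumed; confirm in your tenant)
REDIRECT_URI = "https://wiretap-prod.auth0.com/login/callback"  # from step 4

def audit_registration(app, now, warn_days=30):
    """Compare a Graph application object with the settings from steps 4-12."""
    findings = []
    if app.get("signInAudience") != "AzureADMyOrg":  # "this organizational directory only"
        findings.append("audience: not single-tenant")
    uris = app.get("web", {}).get("redirectUris", [])
    if uris != [REDIRECT_URI]:
        findings.append(f"redirect: unexpected URIs {uris}")
    graph_perms = [(a.get("id"), a.get("type"))
                   for r in app.get("requiredResourceAccess", [])
                   if r.get("resourceAppId") == GRAPH
                   for a in r.get("resourceAccess", [])]
    if (DIR_READ_ALL, "Scope") not in graph_perms:
        findings.append("permission: delegated Directory.Read.All missing")
    if any(kind == "Role" for _, kind in graph_perms):
        findings.append("permission: application (Role) permission present, steps ask for delegated")
    secrets = app.get("passwordCredentials", [])
    if not secrets:
        findings.append("secret: none configured")
    for s in secrets:
        # Graph timestamps may carry 7 fractional digits; the first 19 chars are enough.
        end = datetime.strptime(s["endDateTime"][:19], "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)
        days = (end - now).days
        if days < 0:
            findings.append(f"secret: '{s.get('displayName')}' expired")
        elif days <= warn_days:
            findings.append(f"secret: '{s.get('displayName')}' expires in {days} days")
    return findings

# Constructed sample shaped like `az ad app show` output (values are made up).
SAMPLE = json.loads("""{
  "displayName": "Aware", "signInAudience": "AzureADMultipleOrgs",
  "web": {"redirectUris": ["https://wiretap-prod.auth0.com/login/callback"]},
  "requiredResourceAccess": [{"resourceAppId": "00000003-0000-0000-c000-000000000000",
    "resourceAccess": [{"id": "06da0dbc-49e2-44d2-8312-53f166ab848a", "type": "Scope"}]}],
  "passwordCredentials": [{"displayName": "Aware Azure AD Key",
                           "endDateTime": "2030-01-15T00:00:00.0000000Z"}]
}""")

if __name__ == "__main__":
    for line in audit_registration(SAMPLE, datetime(2030, 1, 1, tzinfo=timezone.utc)):
        print(line)
```

An empty result means the registration matches the documented settings and no secret is within the warning window.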