O365 / Microsoft / Azure SSO Setup: Difference between revisions

From Vested Networks
Jump to navigation Jump to search
(Created page with " This page is part of the NOVA Teams guides. =Azure Active Directory / Microsoft Entra ID= ===Registration=== Once the email is received, copy the code provided to you at the bottom, and then click the ['''Complete]''' button<blockquote>frameless|1033x1033px You will then be redirected to a web page to sign in with your Microsoft Admin credentials Accept/Consent to all of the messages, this is you granting our connector acce...")
 
No edit summary
 
(3 intermediate revisions by the same user not shown)
Line 1: Line 1:


This page is part of the [[NOVA SSO|NOVA Teams]] guides.
This page is part of the [[NOVA SSO|NOVA SSO]] guides.
=Azure Active Directory / Microsoft Entra ID=
=Azure Login=
===Registration===
Login to https://portal.azure.com with your developer account
Once the email is received, copy the code provided to you at the bottom, and then click the ['''Complete]''' button<blockquote>[[File:NOVA-Teams-Setup1.png|frameless|1033x1033px]]


=== Azure Active Directory / Microsoft Entra ID ===
Select Azure Active Directory service (now known as Microsoft Entra ID). If it is not visible on the dashboard, you can use the search function to find it.


You will then be redirected to a web page to sign in with your Microsoft Admin credentials
Select App registrations from the side pane.


Accept/Consent to all of the messages, this is you granting our connector access to certain Microsoft processes</blockquote>
Register a New Application (if not previously performed) by clicking the "+new registration" button/link in the center pane.
===Dashboard===
Once done, you will be greeted with your dashboard which looks like the image below<blockquote>[[File:NOVA-Teams-Setup2.png|frameless|688x688px]]</blockquote>
===Enterprise Admin===
Complete all of the Enterprise Admin Action Items<blockquote>[[File:NOVA-Teams-Setup3.png|frameless|768x768px]]</blockquote>
===Direct Routing===
Once the action items are done, click on the Direct Routing option on the left<blockquote>[[File:NOVA-Teams-Setup4.png|frameless]]</blockquote>
===Selecting Gateway===
In the Available Gateways drop down, choose the option for US East 1. Now you will enter the code provided in your email in the field Invitation Code.<blockquote>[[File:NOVA-Teams-Setup5.png|frameless|940x940px]]</blockquote>
===Direct Routing===
Click Complete Direct Routing<blockquote>[[File:NOVA-Teams-Setup6.png|frameless|483x483px]]</blockquote>
===Verify Licenses===
A pop-up will be displayed validating the available licenses, click Complete Direct Routing once again<blockquote>[[File:NOVA-Teams-Setup7.png|frameless|684x684px]]</blockquote>
===Verify Status===
Once done, you will be sent back to the dashboard where it looks like this<blockquote>[[File:NOVA-Teams-Setup8.png|frameless|1076x1076px]]


==== Register an application ====
The window should look similar to the below:<blockquote>[[File:SSO MS 1.png|frameless|541x541px]]</blockquote>


It will take anywhere from 5 minutes to 36 hours for the direct routing to be completed. The Enterprise Admin will receive an email once direct routing is completed.</blockquote>
 
===Sync Voice Route===
Select the previously created App registration by clicking the Display name.
Once direct routing completes, log back in to your enterprise portal (<nowiki>https://enterprise.connecttoteams.com</nowiki>) and complete your Enterprise Admin Action Items<blockquote>[[File:NOVA-Teams-Setup9.png|frameless|796x796px]]</blockquote>
 
'''Please contact Vested Networks support if you need any further assistance.'''
Copy the newly created 'Application (client) ID' from the data set in the center of the pane and retain for a future step.
 
Select Authentication from the side pane.
 
==== Configure Platform ====
Under Platform Configurations choose "+Add a platform."
 
In the resulting Configure platform pane, select Web<blockquote>[[File:SSO MS 2.png|frameless|424x424px]]</blockquote>
 
===== Configure Web =====
In the resulting Configure Web pane, enter one of the required Redirect URLs, the Logout URL and select Implicit Grant for both Access tokens and ID tokens. When complete click Configure.
 
Redirect URI:
 
* <nowiki>https://nova.vestednetworks.com/portal/msal.php</nowiki>
 
Logout URL:
 
* <nowiki>https://nova.vestednetworks.com/portal/login/logout</nowiki>
 
The window should look similar to the below (but I bet you spelled logout correctly):<blockquote>[[File:SSO MS 3.png|frameless|600x600px]]</blockquote>
 
===== Add Redirects =====
Add the remaining required Redirect URLs by using the Add URI link at the bottom of the Web platform box.<blockquote>[[File:SSO MS 4.png|frameless|610x610px]]</blockquote>ALL required Redirect URIs are below:
 
* <nowiki>https://nova.vestednetworks.com/portal/msal.php</nowiki> (Added above)
* <nowiki>https://nova.vestednetworks.com/analytics/</nowiki>
* <nowiki>https://nova.vestednetworks.com/video/</nowiki>
* <nowiki>https://nova.vestednetworks.com/webphone</nowiki> {no trailing slash)
* <nowiki>https://nova.vestednetworks.com/</nowiki>
 
===== Review and Save =====
The Web platform box should look similar to below:<blockquote>[[File:SSO MS 5.png|frameless|633x633px]]</blockquote>Click "Save" at the top of the page. Your Office 365 SSO service will now be fully configured and enabled on Azure.<blockquote>[[File:SSO MS 6.png|frameless|716x716px]]</blockquote>
 
 
 
'''NOTE''': You should have "personal Microsoft accounts" listed in the "Supported account types" section. If missing, navigate to the Manifest and set the 'signInAudience' parameter to "AzureADandPersonalMicrosoftAccount"
 
Once this has been enabled, Vested Networks will need to know the 'Application (client) ID' that was retained from above so that we can put it in our system and then we can enable the SSO on our end.
'''If you have any questions about this process, or if you need assistance, please reach out to our Support Team by dialing HELP (4357) on your desk phone, calling (972) 924-6488, or emailing help@vestednetworks.com.'''

Latest revision as of 17:29, 25 October 2023

This page is part of the NOVA SSO guides.

Azure Login

Login to https://portal.azure.com with your developer account

Azure Active Directory / Microsoft Entra ID

Select Azure Active Directory service (now known as Microsoft Entra ID). If it is not visible on the dashboard, you can use the search function to find it.

Select App registrations from the side pane.

Register a New Application (if not previously performed) by clicking the "+new registration" button/link in the center pane.

Register an application

The window should look similar to the below:


Select the previously created App registration by clicking the Display name.

Copy the newly created 'Application (client) ID' from the data set in the center of the pane and retain for a future step.

Select Authentication from the side pane.

Configure Platform

Under Platform Configurations choose "+Add a platform."

In the resulting Configure platform pane, select Web

Configure Web

In the resulting Configure Web pane, enter one of the required Redirect URLs, the Logout URL and select Implicit Grant for both Access tokens and ID tokens. When complete click Configure.

Redirect URI:

  • https://nova.vestednetworks.com/portal/msal.php

Logout URL:

  • https://nova.vestednetworks.com/portal/login/logout

The window should look similar to the below (but I bet you spelled logout correctly):

Add Redirects

Add the remaining required Redirect URLs by using the Add URI link at the bottom of the Web platform box.

ALL required Redirect URIs are below:

  • https://nova.vestednetworks.com/portal/msal.php (Added above)
  • https://nova.vestednetworks.com/analytics/
  • https://nova.vestednetworks.com/video/
  • https://nova.vestednetworks.com/webphone {no trailing slash)
  • https://nova.vestednetworks.com/
Review and Save

The Web platform box should look similar to below:

Click "Save" at the top of the page. Your Office 365 SSO service will now be fully configured and enabled on Azure.


NOTE: You should have "personal Microsoft accounts" listed in the "Supported account types" section. If missing, navigate to the Manifest and set the 'signInAudience' parameter to "AzureADandPersonalMicrosoftAccount"

Once this has been enabled, Vested Networks will need to know the 'Application (client) ID' that was retained from above so that we can put it in our system and then we can enable the SSO on our end.

If you have any questions about this process, or if you need assistance, please reach out to our Support Team by dialing HELP (4357) on your desk phone, calling (972) 924-6488, or emailing help@vestednetworks.com.