Introduction

This guide explains how to set up an OpenID Client in Azure AD, for use with Argus OpenID integration.

Instructions

  1. Log on to https://portal.azure.com with your administrator account
  2. Choose App registrations
  3. Choose New registration
  4. Choose a suitable/descriptive name, e.g. "Argus". Keep selection for "Single tenant" and "Web"
  5. Go to the new application instance
  6. Copy the client_id from the created application, and send this to mnemonic (see first screenshot)
  7. Choose Authentication
  8. Enter the Redirect URI as https://portal.mnemonic.no/spa/authentication/openid/provider/myprovider/authenticate
    (where "myprovider" is provided/agreed with mnemonic). See second screenshot.
  9. Choose Save
  10. Choose API Permissions
  11. Select User.Read and choose Grant admin consent for <your organization>

When mnemonic has received the client_id and completed the configuration on their end, you should be able to test SSO.

User mapping

The default setup with Argus will use the email claim to identify the user.
Currently, all users must be defined up front in Argus, and configured with the email address that matches the email address returned by Azure in the email claim.
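
A diagnostic sketch for the mapping described above, added here as an example and not part of mnemonic's or Argus's own code: it decodes the claims of an ID token and checks whether the email claim matches an address defined in Argus. The function names, sample tokens and user list are constructed for illustration, and the token signature is not verified, so it is suited to troubleshooting only.

```python
import base64
import json

def decode_claims(id_token):
    """Return the JWT payload. Diagnostic only: the signature is NOT verified."""
    parts = id_token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def check_user_mapping(id_token, argus_emails):
    """Classify the token's email claim against the addresses defined in Argus."""
    email = decode_claims(id_token).get("email")
    if not email:
        return ("missing_claim", None)       # nothing for Argus to map on
    if email in argus_emails:
        return ("match", email)
    # Assumption: the page does not say whether matching is case-sensitive,
    # so a case/whitespace-only difference is reported separately.
    folded = {e.strip().casefold(): e for e in argus_emails}
    near = folded.get(email.strip().casefold())
    if near is not None:
        return ("near_miss", near)
    return ("not_provisioned", email)

def make_sample_token(claims):
    """Build an unsigned sample token (constructed data, not a real Azure AD token)."""
    def enc(obj):
        return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()
    return ".".join([enc({"alg": "none", "typ": "JWT"}), enc(claims), "sig"])

# Constructed sample data: addresses configured in Argus and tokens to test.
ARGUS_USERS = {"alice@example.com", "bob@example.com"}
SAMPLES = {
    "exact": make_sample_token({"sub": "1", "email": "alice@example.com"}),
    "case": make_sample_token({"sub": "2", "email": "Bob@Example.com"}),
    "no_email": make_sample_token({"sub": "3", "preferred_username": "carol@example.com"}),
    "unknown": make_sample_token({"sub": "4", "email": "dave@example.com"}),
}

if __name__ == "__main__":
    for name, token in SAMPLES.items():
        print(name, check_user_mapping(token, ARGUS_USERS))
```

A `missing_claim` or `not_provisioned` result points to the user's Azure AD profile or the Argus user definition as the place to look before retesting SSO.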

Authorization

If desired, you can add authorization of users in Azure AD before they are redirected back to Argus. This is done by adding users and/or groups to the Users and groups tab in the application instance under Enterprise Applications.
If this is set up, only users added to the application will be able to successfully redirect back to Argus.
