Using Microsoft Entra for SSO
Last updated
Last updated
When you register the ENGAGE application with Microsoft Entra, you must grant the application User.Read
as a delegated permission for the Microsoft Graph API. For more information, refer to Overview of Microsoft Graph permissions in the Microsoft documentation.
If you incorrectly configure SSO for your group, members of your group will not be able to log in to the application. Ensure that you test your SSO log-in after you configure it.
To enable SSO for your Enterprise group and any subgroups, complete the following steps:
Go to https://app-eap.engagevr.io/, and then log in.
From the menu, select Groups.
Select the name or the View icon for the group.
Select the Security tab, and then select Single Sign-On (SSO).
On the SSO page, from the SSO Provider list, select Microsoft Entra ID.
Enter your Client ID, Tenant ID, and Client Secret. For more information about these fields, contact your SSO provider.
From the Enforcement list, choose one of the following options:
To require all members of the group or subgroups to use SSO to log in, select Full.
To require only members of the group or subgroups with specific email addresses to use SSO to log in, select Partial. Then, for each domain that you want to require SSO for, enter the domain in the Domain Name field, and then select Add.
Select Apply.