Microsoft Azure Entra ID

Configure Microsoft Azure as SSO for CrushBank

Register your app with the Microsoft Identity Platform

1. https://learn.microsoft.com/en-us/entra/identity-platform/quickstart-register-app
2. Redirect URI
   1. Need to add the following redirect URIs. (*Make sure they are for Web Platform and not Mobile and Desktop Applications)
      1. US Clients:
         1. https://login.crushbank.com/login/callback
         2. https://connectwiselogin.crushbank.com/login/callback
      2. UK Clients:
         1. https://eu-login.crushbank.com/login/callback
         2. https://eu-podlogin.crushbank.com/login/callback
      3. AU Clients:

1. 1. 1. 1. https://au-login.crushbank.com/login/callback
         2. https://au-podlogin.crushbank.com/login/callback
      2. DE Clients:
         1. https://de-login.crushbank.com/login/callback
         2. https://de-podlogin.crushbank.com/login/callback
            

1. Create a client secret and copy your Client ID and Client Secret Value as you will need to provide it to CrushBank. 
   1. Application (Client) ID is found under Overview
      
      
   2. Client Secret Value is found under Certificates & Secrets
      

Configure Permissions

1. https://learn.microsoft.com/en-us/entra/identity-platform/quickstart-configure-app-access-web-apis#add-permissions-to-access-web-apis
2. Configure permissions for Microsoft Graph API.
   1. Users > User.Read
   2. Directory > Directory.Read.All

Create Support Ticket with CrushBank

1. Send an email to the onboarding specialist you are working with or email support@crushbank.com with subject "New SSO Connection". Please include the following in the email.
   
   1. Client ID
   2. Client Secret - *Make sure you provide the client secret value not the client secret id
   3. Microsoft Azure AD Domain
2. Once we process your ticket and setup the connection on our side, we will setup a call with you to walk through the SSO integration and test.