1. Knowledge Base
  2. Single Sign On / Enterprise Connections

Microsoft Azure Entra ID

Configure Microsoft Azure as SSO for CrushBank


Register your app with the Microsoft Identity Platform

  1. https://learn.microsoft.com/en-us/entra/identity-platform/quickstart-register-app
  2. Redirect URI
    1. Need to add the following redirect URIs. (*Make sure they are for Web Platform and not Mobile and Desktop Applications)
      1. US Clients:
        1. https://login.crushbank.com/login/callback
        2. https://connectwiselogin.crushbank.com/login/callback
      2. UK Clients:
        1. https://eu-login.crushbank.com/login/callback
        2. https://eu-podlogin.crushbank.com/login/callback
      3. AU Clients:
        1. https://au-login.crushbank.com/login/callback
        2. https://au-podlogin.crushbank.com/login/callback

Please make sure you add both redirect URI's as the system uses both.

  1. Create a client secret and copy your Client ID and Client Secret Value as you will need to provide it to CrushBank. 
    1. Application (Client) ID is found under Overview

      Azure SSO Client ID
    2. Client Secret Value is found under Certificates & Secrets
      Azure SSO Client Value

Configure Permissions

  1. https://learn.microsoft.com/en-us/entra/identity-platform/quickstart-configure-app-access-web-apis#add-permissions-to-access-web-apis
  2. Configure permissions for Microsoft Graph API.
    1. Users > User.Read
    2. Directory > Directory.Read.All

Create Support Ticket with CrushBank

  1. Send an email to the onboarding specialist you are working with or email support@crushbank.com with subject "New SSO Connection". Please include the following in the email.
    1. Client ID
    2. Client Secret - *Make sure you provide the client secret value not the client secret id
    3. Microsoft Azure AD Domain
  2. Once we process your ticket and setup the connection on our side, we will setup a call with you to walk through the SSO integration and test.