Dashboard SSO

Supported protocols: Saml, OpenId, SCIM and OAuth

OpenId example with Microsoft Entra ID

In your Azure Portal, go to Microsoft Entra ID, then create a new App registration by clicking on "New registration".

Give the app registration a name and choose "Public client/native (mobile & desktop)" and enter the callback url https://<fidentitytenantname>.fidentity.ch/api/v1/openid-login/callback the other settings can be left as default. Note that this also works if you have a custom fidentity domain (see Custom Domain).

Click Save.

Copy the tenant ID on the overview page and paste it in the url below. The OpenId Connect configuration can now be downloaded from this url:

https://login.microsoftonline.com/<tenantId>/.well-known/openid-configuration

Please send us the configuration (json).

Application Roles

It is possible to assign app roles to an enterprise application. Click "Create App Role", add a custom name, value and description.

The value is sent as roles claim (no additional token configuration necessary), please provide us with your roles values so that we can configure the mapping to fidentity roles.

Assign Roles

Roles are assigned to users or groups in the enterprise application as follows:

Testing

When changing configuration in Entra ID, it is important to start a completely new SSO login, preferrably using a private browser window, so that all current claims are set accordingly.