Set up Azure AD for VDV

Open the Azure Portal, navigate to "App Registration" and click "New Registration".

  1. For "Supported account types", select "Accounts in the organization directory only".
    Set the Redirect URI platform to "Web" and the address to the address of the VDV instance.
    Click "Register".
  2. On the overview page, copy the "Application (client) ID" for later use.
  3. On the overview page, click "Endpoints" and copy the "OpenID Connect metadata document" URL for later use.
  4. After registration go to "Certificates & secrets" and click "New client secret". Give the key a description and click "Add".
  5. Copy the Value of the new secret for later use.
    The secret value is only readable right after creation and is hidden once you navigate to another page.
  6. Go to "App roles" and click "Create app role".
    For "Allowed member types" select "Users/Groups".
    Value should be the User Role ID from VDV.
    At least one role is required for SSO to work, and it must be assigned to the organization inside VDV.

Assigning roles in Azure AD

Open the app under Enterprise Applications (click the link under "Managed application in local directory" on the Overview page, or search for the application under Enterprise Applications).

Go to "Users and groups" and click "Add user/group". Select the users or groups, set the role you want them to have, and click "Assign".
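
The following check is an added example, not part of VDV or of the original instructions. It tests whether the values collected in steps 2, 3 and 6 agree with the claims of a test sign-in. It assumes the ID token has already been signature-verified and decoded into a dict, and that roles arrive in the "roles" claim; check_sso_values, the sample GUIDs and the role ID are constructed placeholders.

```python
import re
from urllib.parse import urlparse

GUID = re.compile(r"^[0-9a-f]{8}-([0-9a-f]{4}-){3}[0-9a-f]{12}$", re.I)
SHARED_ENDPOINTS = {"common", "organizations", "consumers"}  # not single-tenant

def check_sso_values(client_id, metadata_url, metadata, claims, vdv_role_ids):
    """Return a list of problems; an empty list means the values are consistent."""
    problems = []
    if not GUID.match(client_id):
        problems.append("client ID is not a GUID")
    url = urlparse(metadata_url)
    if url.scheme != "https":
        problems.append("metadata URL is not https")
    if url.path.strip("/").split("/")[0] in SHARED_ENDPOINTS:
        problems.append("metadata URL is not tenant-specific")
    if not url.path.endswith("/.well-known/openid-configuration"):
        problems.append("URL is not an OpenID Connect metadata document")
    # The token must come from the issuer named in the metadata document
    # and must be addressed to this app registration.
    if claims.get("iss") != metadata.get("issuer"):
        problems.append("token issuer does not match metadata issuer")
    if claims.get("aud") != client_id:
        problems.append("token audience is not this app registration")
    # App roles assigned under "Users and groups" arrive in the "roles" claim.
    if not set(claims.get("roles") or []) & set(vdv_role_ids):
        problems.append("token carries no role known to VDV")
    return problems

# Constructed sample values (placeholders, not from a real tenant).
TENANT = "11111111-2222-3333-4444-555555555555"
CLIENT_ID = "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee"
BASE = "https://login.microsoftonline.com/"
METADATA_URL = BASE + TENANT + "/v2.0/.well-known/openid-configuration"
METADATA = {"issuer": BASE + TENANT + "/v2.0"}
CLAIMS = {"iss": BASE + TENANT + "/v2.0", "aud": CLIENT_ID,
          "roles": ["vdv-role-id-placeholder"]}
VDV_ROLE_IDS = ["vdv-role-id-placeholder"]

if __name__ == "__main__":
    print(check_sso_values(CLIENT_ID, METADATA_URL, METADATA, CLAIMS, VDV_ROLE_IDS))
    unassigned = dict(CLAIMS, roles=[])  # user signed in without a role
    print(check_sso_values(CLIENT_ID, METADATA_URL, METADATA, unassigned, VDV_ROLE_IDS))
```

An empty "roles" claim usually means the user or group was never assigned a role under "Users and groups".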
