Azure AD (OIDC)
Overview
Time to complete: about 15 minutes
What this does: This configuration allows your users to log in to Silkline using their Microsoft 365 / Azure AD account.
Steps
Since there are several steps involved in this configuration and testing is required, we recommend scheduling time to walk through these steps together.
These steps will guide you through setting up a new app registration in Microsoft Azure AD to enable Single Sign-On (SSO) into Silkline via OpenID Connect. The configuration will allow Azure AD to serve as the identity provider (IdP) while Auth0 acts as the service managing authentication for your application.
Register a New App in Azure AD
Log in to Microsoft Entra (previously Azure Active Directory) Portal:
Navigate to https://entra.microsoft.com and log in with your Azure AD admin credentials.
Go to App Registrations:
In the left-hand menu, select Azure Active Directory → App registrations
Select the New registration button.
Register the Application:
Name: Enter a name for the app, such as Silkline-SSO.
Supported Account Types: Please select Single Tenant
Redirect URI: Set this to:
Web: https://silkline.us.auth0.com/login/callback
Click "Register" to create the app.

Gather App Details
From the Overview page of the app registration, note down the following:
Application (client) ID: This will be used as the Client ID in Silkline's Auth0 instance.
Click the “Endpoints” button and grab the OpenID Connect metadata document URL. It should look like this:
https://login.microsoftonline.com/729dfe76-e026-4b14-b5f8-947f2e2af950/v2.0/.well-known/openid-configuration
Application Configuration
Go to the application's Authentication section.
Enable ID Token for implicit flow:

Save the changes with the Save button at the top.
Go to the Token configuration section on the left.
Click on Add optional claim. Add:
email
family_name
given_name
Clicking Add will prompt for permissions for Microsoft Graph. This is required, so accept this request.
Silkline configuration
Please email your Silkline POC the following information
Application (client) ID
OpenID Connect metadata document URL.
From there, your Silkline team will configure your SSO in the application. We will reach back out to your team when we are ready to test.
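Before emailing the two values, you can check that they are consistent with a single-tenant registration. The following is an added example, not part of Silkline's or Microsoft's tooling: the function name check_sso_values is hypothetical, the client ID and metadata excerpt are constructed samples, and the tenant ID is the one from the example URL above.

```python
import re
from urllib.parse import urlparse

GUID = re.compile(r"[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}", re.I)
MULTI_TENANT_ALIASES = {"common", "organizations", "consumers"}


def check_sso_values(client_id, metadata_url, discovery_doc):
    """Return a list of problems; an empty list means the values are consistent."""
    problems = []
    if not GUID.fullmatch(client_id):
        problems.append("client ID is not a GUID")

    url = urlparse(metadata_url)
    parts = url.path.strip("/").split("/")
    if url.scheme != "https" or url.hostname != "login.microsoftonline.com":
        problems.append("metadata URL is not on https://login.microsoftonline.com")
    if parts[1:] != ["v2.0", ".well-known", "openid-configuration"]:
        problems.append("metadata URL is not a v2.0 OpenID Connect discovery URL")

    # A single-tenant registration is addressed by its tenant GUID, not an alias.
    tenant = parts[0]
    if tenant.lower() in MULTI_TENANT_ALIASES:
        problems.append("metadata URL uses a multi-tenant alias, not your tenant ID")
    elif not GUID.fullmatch(tenant):
        problems.append("tenant segment of metadata URL is not a GUID")

    # The issuer in the metadata document must name the same tenant as the URL.
    expected_issuer = f"https://login.microsoftonline.com/{tenant}/v2.0"
    if discovery_doc.get("issuer") != expected_issuer:
        problems.append("issuer in metadata does not match the tenant in the URL")
    if "id_token" not in discovery_doc.get("response_types_supported", []):
        problems.append("metadata does not advertise the id_token response type")
    return problems


# Constructed sample values (the JSON is an excerpt of what the metadata URL returns).
TENANT = "729dfe76-e026-4b14-b5f8-947f2e2af950"
SAMPLE_CLIENT_ID = "11111111-2222-3333-4444-555555555555"
SAMPLE_URL = f"https://login.microsoftonline.com/{TENANT}/v2.0/.well-known/openid-configuration"
SAMPLE_DOC = {
    "issuer": f"https://login.microsoftonline.com/{TENANT}/v2.0",
    "response_types_supported": ["code", "id_token", "code id_token", "id_token token"],
}

if __name__ == "__main__":
    for line in check_sso_values(SAMPLE_CLIENT_ID, SAMPLE_URL, SAMPLE_DOC) or ["values look consistent"]:
        print(line)
```

To check your own values, open the metadata document URL in a browser, save the JSON, and pass it in as a dict loaded with json.load.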
⏳ Wait for Silkline to complete your SSO configuration
Let us know once you've completed steps 1-4 and share the required values. We'll then complete the configuration on our end and will let you know when SSO is ready for testing.
Test SSO Configuration
Go to the Silkline application.
Initiate the login flow to ensure the SSO integration with Azure AD works as expected.
If issues occur, reach out to your Silkline POC to verify the client ID, secret, and tenant ID, and check Azure AD logs for troubleshooting.