To access PureDome applications, users have the option to verify their identity using Azure AD Single Sign-On (SSO).
Below are the steps to configure Azure AD SSO integration:
Step 1 - Setting up SSO Application on Microsoft 365/ Azure AD
- You will first need to login to the Azure Portal. Once logged in, navigate to Azure Active Directory > App Registrations > New Registration to create a new Azure Active Directory Application.
- Enter Name, and select Accounts in any organizational directory (Any Microsoft Entra ID tenant - Multitenant). Then in Redirect URI (optional), select Web and enter the following URL:
https://login.puredome.com/oauth2/callback
Step 2 - Configuring the Client ID and Client Secret
- Under the Overview > Essentials section, note the Application (client) ID and the Directory (tenant) ID. These will be used respectively as the Client ID value and to construct the Issuer URL value in your PureDome Identity provider configuration.
- Now, you need to create a new Azure AD application secret. Navigate to Azure Active Directory > App Registrations > {Your Application - in our case PureDome} > Certificates & secrets > New client secret to create a new Azure AD application client secret. Copy this Value ID into a text file for later use.
Step 3 - Configuring the Issuer URL
- The Microsoft URL may diff across national clouds, so you will need to review the Microsoft documentation to ensure you have the correct URL for your region. For the Microsoft global Azure AD service, the URL is as follows, where {tenantId} is the Directory (tenant) ID previously noted while creating our Azure AD Application.
https://login.microsoftonline.com/{tenantId}/v2.0Step 4 - Managing user access
- In the application, go to Users and groups, and click + Add user/group. Choose who should have access, and click Assign.
Step 5 - Adding a new identity provider
- Now, you can head to the PureDome console on your browser, and navigate to Preferences and Single Sign-On. By choosing Azure you will be asked to enter four values as follows:
- IDP Name: Any name you want
- Client ID: Value copied from Microsoft Azure dashboard
- IDP Client Secret: Value copied from Microsoft Azure dashboard (Value ID)
- Issuer URL: URL created in Step 3 (Configuring the Issuer URL)
- After completing all the steps above, you have successfully set up an OIDC application on your Microsoft 365/ Azure Active Directory (Azure AD) with SSO enabled for PureDome.
Note:
- Single-Sign-On (SSO) will be enabled for the PureDome console and apps.
- Only users/groups assigned in your organization to this application will be able to log in subject to being invited to the PureDome console via their registered email address on their Microsoft 365/ Azure Active Directory (Azure AD) account.
Note:
Supported app versions for SSO:
Windows: v2.1.6.8 and above
macOS: v2.1.3 and above
iOS: v2.1.2 and above
Android: v2.4.34 and above
If you have any questions or are experiencing any issues, please don't hesitate to contact our 24/7 customer support team via live chat or email at support@puredome.com. We're always happy to help!