# Microsoft Entra ID

This document helps you to get the below information for integrating Microsoft Entra ID with HYBR application,

1. Directory ID or Tenant ID (can get it from overview page of Microsoft Entra ID)
2. Application ID
3. Application Client Secret

## **Steps**

#### Obtain a Client Id and Client Secret for a Microsoft Microsoft Entra ID

**Step 1:** Sign-in Azure portal

**Step 2:** Go to Microsoft Entra ID --> App Registration 

<figure><img src="https://2861565768-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8yyZBiQiKX8E79qF6MQC%2Fuploads%2FIqM1mAEH7DdfcHq004mp%2F1.png?alt=media&#x26;token=5787880c-a011-41b5-969d-a5571d6ff9c1" alt=""><figcaption></figcaption></figure>

**Step 3:** Click **New Registration** to register for a new App for HYBR application

<figure><img src="https://2861565768-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8yyZBiQiKX8E79qF6MQC%2Fuploads%2Fw3JyCOnsYkJr6wTEq6KL%2F2.png?alt=media&#x26;token=69f10850-d776-4f6f-b675-6e9c9c7dea73" alt=""><figcaption></figcaption></figure>

**Step 4:** Register the new App by providing the appropriate values. (select Multi-Tenant if different Microsoft Entra ID domain will be used for tenant)

<figure><img src="https://2861565768-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8yyZBiQiKX8E79qF6MQC%2Fuploads%2FmaycjjzEhxa6sGWRiGY5%2F3.png?alt=media&#x26;token=4eeda99b-9246-41c4-8afe-a070203222d8" alt=""><figcaption></figcaption></figure>

**Step 5:** Choose the application, to get the Client ID value and copy it to the clipboard. The Client ID and Application ID are same value from the Azure application as shown in the below. Go to Application in Azure portal and check the value in **Application (client) ID.**

&#x20;**For Example:** The Client ID looks like:

* Client ID: 53ba6f2b-6d52-4f5c-8ae0-7adc20808854

<figure><img src="https://2861565768-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8yyZBiQiKX8E79qF6MQC%2Fuploads%2F8MEmhKya3Mrr3APOczeY%2F4.png?alt=media&#x26;token=8374e1d6-a635-4e3e-830f-94d859403634" alt=""><figcaption></figcaption></figure>

**Step 6:** To get the Client ID Secret, Go to Application and select Certificates & Secrets in left side section.

**Step 7:** Create New Client secret & give the expiry date as per your requirement.

**Step 8:** Once Client secret created, copy It to clipboard (cannot get the secret if missed to copy).

**For Example:** The Client Secret:

Client Secret: NMubGVcDqkwwGnCs6fa01tqlkTisfUd4pBBYgcxxx=

<figure><img src="https://2861565768-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8yyZBiQiKX8E79qF6MQC%2Fuploads%2FDQejjOaFRLRNZPCk5AAR%2F5.png?alt=media&#x26;token=7efeaf29-7498-4f30-8984-128a357b2f41" alt=""><figcaption></figcaption></figure>

**Step 9:** Select Authentication Page in Azure application left side section and click Add a platform then choose web.

<figure><img src="https://2861565768-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8yyZBiQiKX8E79qF6MQC%2Fuploads%2FwBUX28p22qbCdd0Zs6zQ%2F6.1.png?alt=media&#x26;token=066ed4c6-26d6-4cac-95d8-b35befde7097" alt=""><figcaption></figcaption></figure>

**Step 10:** Add **redirect URL’s** in authentication page and

&#x20;     Sub-domain Name will be defined while deploying HYBR

&#x20;            `https://<Hybr_Admin_URL_name>/OrgAccounts/SignInSuccess`

&#x20;            `https://<Hybr_Admin_URL_name>/OrgAccounts/SignOutCallback`

&#x20;            `https://<Hybr_Tenant_URL_name>/Accounts/SignInSuccess`

&#x20;            `https://<Hybr_Tenant_URL_name>/Accounts/SignOutCallback`

&#x20;            `https://<Hybr_Tenant_URL_name>/Register/SignInSuccess`

<figure><img src="https://2861565768-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8yyZBiQiKX8E79qF6MQC%2Fuploads%2FrL9D5D6oB8lsasqyUxny%2F7.png?alt=media&#x26;token=1e33ca17-b4ac-434c-b749-7c3f648ed8f9" alt=""><figcaption></figcaption></figure>

**Step 11:** select "**Access tokens"** and select **single tenant** directory or **multi-tenant** directory by based on requirements.

<figure><img src="https://2861565768-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8yyZBiQiKX8E79qF6MQC%2Fuploads%2FAO55xH2OCzIOe9oWHqqG%2F8.png?alt=media&#x26;token=e0d809c3-88d9-4a16-a4f0-828cf37c00f1" alt=""><figcaption></figcaption></figure>

**Step 12:** After fill the redirect URL’s and then click save.

<figure><img src="https://2861565768-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2F8yyZBiQiKX8E79qF6MQC%2Fuploads%2FGLQ5eo6ZwQTEvdLlsivy%2F9.png?alt=media&#x26;token=096497b8-972b-4566-a0fe-fa3f6d991bcd" alt=""><figcaption></figcaption></figure>