SSO Setup with Microsoft Entra

From Microsoft Entra

Navigate to: Applications > Enterprise Applications > New Application > Create your own application

Navigate to Users and Groups. Add the desired user/groups, assigning them the default “User” role.

Navigate to Applications > App Registrations > All Applications > <Your application name>.

Copy/note the Directory (tenant) ID & Application (client) ID to enter in later steps within your RTVision web application.

Click Add a Redirect URI

Click Add a platform > Single-page Application

Enter: https://oauth-proxy.rtvision.com

Click Configure

 

In a new browser tab/window, go to your RTVision web application.

Log in, then navigate to Admin > SCIM/SSO Tenant > Add SCIM/SSO Tenant.

Enter the following information:

  • Name: The name to display on the SSO login button

  • Domain: sts.windows.net (for Microsoft Entra)

  • External ID: The tenant ID noted in a previous step

  • Client ID: The client ID noted in a previous step

 

Switch back to your Entra tab/window. Under the enterprise application, navigate to Provisioning > New Configuration.

Enter the Tenant URL (https://<your rtvision web application fqdn>/scim)

Click Test connection, then Create.

Navigate to Attribute Mapping > Provision Microsoft Entra ID Groups

Set Enabled to No, then click Save.

 

Navigate back to the previous page using the back button or the breadcrumbs at the top of the page.

Navigate to Attribute Mapping > Provision Microsoft Entra ID Users.

Edit the “active” mapping.

Change Mapping type to: Direct

Change Source attribute to: accountEnabled

Click OK, then Save, then Yes to confirm.

 

Navigate back to the previous page using the back button or the breadcrumbs at the top of the page.

Navigate to Overview, then click Start provisioning. (This will take at least a few minutes.)

Wait until Current cycle status shows Initial cycle completed 100%.

 

You should now be able to test logging in with SSO.

 

It is not required to enable automatic provisioning. If provisioning is enabled, the following fields will be added for new employees and updated from Entra:

  • Username

  • Employee Name

  • Email Address

  • Valid
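
What the direct accountEnabled-to-active mapping means for the receiving side, as an added example (not RTVision's code): a SCIM 2.0 receiver applying a PatchOp that disables a user, accepting both a JSON boolean and the string "False", since a plain truthiness test on that string would leave a disabled account usable. Assumptions: the record field names, that the Valid field listed above tracks active, and the sample record and requests, which are constructed.

```python
import json

PATCH_SCHEMA = "urn:ietf:params:scim:api:messages:2.0:PatchOp"


def parse_scim_bool(value):
    """Accept a JSON boolean or the strings "True"/"False"; reject anything else."""
    if isinstance(value, bool):
        return value
    if isinstance(value, str) and value.strip().lower() in ("true", "false"):
        return value.strip().lower() == "true"
    raise ValueError(f"unsupported value for 'active': {value!r}")


def apply_active_patch(record, body):
    """Return a copy of `record` with `valid` updated from a SCIM PatchOp body."""
    doc = json.loads(body)
    if PATCH_SCHEMA not in doc.get("schemas", []):
        raise ValueError("not a SCIM PatchOp message")
    updated = dict(record)
    for op in doc.get("Operations", []):
        # Operation names are matched case-insensitively ("Replace"/"replace").
        if op.get("op", "").lower() != "replace":
            continue
        path, value = op.get("path"), op.get("value")
        if path == "active":
            updated["valid"] = parse_scim_bool(value)
        elif path is None and isinstance(value, dict) and "active" in value:
            # Path-less replace: the value is an object of attributes.
            updated["valid"] = parse_scim_bool(value["active"])
    return updated


# Constructed sample record and requests (not captured traffic).
# Field names are assumed from the list of provisioned fields above.
USER = {"username": "jdoe", "employee_name": "Jane Doe",
        "email": "jdoe@example.com", "valid": True}
DISABLE_AS_STRING = json.dumps({"schemas": [PATCH_SCHEMA], "Operations": [
    {"op": "Replace", "path": "active", "value": "False"}]})
DISABLE_AS_BOOL = json.dumps({"schemas": [PATCH_SCHEMA], "Operations": [
    {"op": "replace", "path": "active", "value": False}]})

if __name__ == "__main__":
    for body in (DISABLE_AS_STRING, DISABLE_AS_BOOL):
        print(apply_active_patch(USER, body)["valid"])
```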