Overview
This is an administrative guide on how to configure Sign-in with Microsoft in the Social Connect Module.
Once this has been configured, users can connect their account with their Microsoft Account allowing them to log in to the system simply by clicking the "Sign-in with Microsoft" button from the Login screen.
1. Register an app on Microsoft Azure Portal
Log in to Azure Portal as a user that has admin privileges from your organisation to register a new app
Under Azure services click "App registrations"
Click on New Registration
Application Name: Claromentis Social Connect for {Your intranet name}
Supported account type:
For wider compatibility select "Accounts in any organizational directory (Any Microsoft Entra ID tenant - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox)"
Alternatively, apply the appropriate account type to suit your organisation.
Redirect URI
Select a platform: Web
https://{your-intranet-url}/socialconnect/live/callback
Replace {your-intranet-url} with the actual URL of your intranet
2. Creating a client secret
Navigate to "Certificates & secret" tab on the left and click on New Client secret to create a new secret
Enter the description and set how long the secret will expire.
3. Copy Client ID and Client Secret to Claromentis
Client ID: Get it from Application (Client ID)
Client Secret: Under Certificate and Secrets get the client's secret value
Don't forget to click Save Configuration button at the bottom.
Troubleshoot
1. Unauthorized Client error message
- Make sure you have configured the Social Connect correctly on Azure Portal and have Microsoft Graph (User.Read) API permission enabled.
- Make sure you have selected the appropriate Supported account type
2. Client error: 400 Bad request
This is likely caused by an invalid Client ID and or Client Secret or expired Client Secret in the Azure Portal.
