1. Login to your Microsoft Azure portal
2. From the Azure portal menu, select Azure Active Directory.
3. If you don't have a Tenant setup yet, go ahead and create a new tenant and configure it. More details
4. Next, under Manage, select App registrations > New registration.
5. Enter a display Name for your application (e.g. Innform) and select Accounts in any organizational directory (Any Azure AD directory - Multitenant).
6. Select "Web" and Enter your redirect URL which you will find in the Innform SSO settings.
7. During this process, Microsoft generates an Application (client) ID and a Tenant ID (Directory) for your application; you can find this on the app's Overview screen. Make note of this values.
8. Next, click Certificates & Secrets in the lefthand side navigation and select "New client secret". Once generated, make note of this value.
9. Next, click "Api permissions" in the lefthand side navigation and select "New client secret". You will need to add the following permissions for the Microsoft Graph API:
Users > User.Read
So your app can sign in users and read the signed-in users' profiles
Directory > Directory.Read.All
So your app can read directory data on the signed-in user's behalf.
Directory > Directory.AccessAsUser.All
So your app can access the directory as the signed-in user.
10. Open the Innform SSO settings, input your tenant ID and add the client ID & client secret.
11. Click "Create SSO Connection".
12. Congratulations! You have successfully setup your SSO connection.