App Registration

This document describes how to set up the Single Sign-On (SSO) for Orkestra on systems that use Azure for identity and access management.

Azure AD setup

To enable SSO, you must first complete the setup on the Microsoft AAD.

Register the App

1. In the Microsoft Azure portal, navigate to the "Azure Active Directory" service

2 . Select App registration

3 . And select "New Registration"

4 . Enter the following details :

5 . Create new client secret

6 . Go to API Permissions => Add a permission

6 .1 Select Microsoft Graph => application permissions

Application authorization will allow a better experience in content access management.

Orkestra Admin setup

Open Orkestra with an admin account ,and go to SSO console

Enter the following details

  1. Organization Name : Your organization name (ex : Orkestra)

  2. Tenant id : Go to your app registration overview => Directory(tenant) ID

3. Client id : Go to your app registration overview => Application (client) ID

4. Entreprise App Object Id : Go to Entreprise applications => orkestra => overview =>Object ID

5. App Secret : Paste your app secret previously created

6. Admin Id : automatically filled

7. Add all domains you want to authorize (ex: orkestra.online)

Last updated