Orkestra Online
  • Introduction
  • What is free and what needs a subscription?
  • Orkestra Desktop App
    • LogIn
    • Navigating the content
    • What is a Hub?
    • What is a Workspace?
    • Package Syncing
    • Uploading Definitions to the Orkestra Online Platform
    • Definition MetaData and Documentation
    • Versioning
    • Analytics
    • Run Inspector
    • Orkestra Account Settings
  • WEB APP
    • Introduction
    • Login to Web App
    • Search and filters
    • Version history and Run Inspector
    • Workspaces
      • Overview
      • Hub/Workspace Settings
      • Upload, Move, and Copy definitions
    • QuickAccess
      • Overview
      • Workspaces
    • Analytics
    • DevOps (in development)
    • Management console
    • Wiki
      • Documentation contents
      • Editor mode
    • Personal Settings
  • Orkestra Revit Addin
    • Introduction
    • LogIn
    • Orkestra Local Player Tab
    • Local QuickAccesses
    • Orkestra Online Player Tab
    • Online QuickAccesses
    • PlayLists
  • Orkestra Dynamo View Extension
    • Introduction
    • LogIn
    • Orkestra View Extension Local Tab
    • Orkestra View Extension Online Tab
    • OrkestraGIT
    • Auto UI Form
    • Node Snippets
    • Code Snippets
    • Error Filtering
  • ORKESTRA CIVIL 3D ADDIN
    • Introduction
    • LogIn
    • Orkestra Local Player Tab
    • Local QuickAccesses
    • Orkestra Online Player Tab
    • Online QuickAccesses
    • PlayLists
  • ORKESTRA RHINO PLUGIN
    • Introduction
    • LogIn
    • Grasshopper Plugin Deployment
    • Orkestra Rhino Local Tab
    • Local QuickAccesses
    • Orkestra Rhino Online Tab
    • Online QuickAccesses
    • Auto UI Form
  • Orkestra WEB API
    • Connecting Analytics to PowerBI
    • Content Metrics
  • Orkestra Dynamo Package
    • LogIn
    • Nodes
  • Orkestra SSO
    • Azure Active Directory
      • App Registration
      • Granting Accesses Through AAD
      • Logging in as a User
      • Enable SSO for WebApp
  • FAQ - Known Issues
    • SSO login issue in Revit / Rhino - endless spinning
    • SSO Login - credential error
    • Packages downloading at every login
    • 1.8.3 upgrade from previous version
    • Blank Orkestra Online Workspaces Screen
    • No dockable pane has been registered with this identifier
Powered by GitBook
On this page
  • Azure AD setup
  • Register the App
  • Orkestra Admin setup

Was this helpful?

  1. Orkestra SSO
  2. Azure Active Directory

App Registration

This document describes how to set up the Single Sign-On (SSO) for Orkestra on systems that use Azure for identity and access management.

PreviousAzure Active DirectoryNextGranting Accesses Through AAD

Last updated 4 months ago

Was this helpful?

Azure AD setup

To enable SSO, you must first complete the setup on the Microsoft AAD.

Register the App

1. In the Microsoft Azure portal, navigate to the "Azure Active Directory" service

2 . Select App registration

3 . And select "New Registration"

4 . Enter the following details :

  • Display name : Orkestra

  • Redirect Uri type : Public client/native (mobile & desktop)

  • Click on Register button

5 . Create new client secret

6 . Go to API Permissions => Add a permission

6 .1 Select Microsoft Graph => application permissions

6 .2 - Option 1 : Add the below Application permissions then click "Grant admin consent for Orkestra" (if your organization policy allows it. If not, please go to 6.2 - Options 2):

Application authorization will allow a better experience in content access management.

6 .2 - Option 2 : Add the below Delegated permissions then click "Grant admin consent for Orkestra" (if your organization policy doesn't allow Application authorization. If it does, please go to 6.1 - Options 1):

Orkestra Admin setup

Open Orkestra with an admin account ,and go to SSO console

Enter the following details

  1. Organization Name : Your organization name (ex : Orkestra)

  2. Tenant id : Go to your app registration overview => Directory(tenant) ID

3. Client id : Go to your app registration overview => Application (client) ID

4. Entreprise App Object Id : Go to Entreprise Applications => orkestra => overview =>Object ID

5. App Secret : Paste your app secret previously created

6. Admin Id : automatically filled

7. Add all domains you want to authorize (ex: orkestra.online)

Redirect Uri :

https://login.microsoftonline.com/common/oauth2/nativeclient
Make sure that these permissions are granted for orkestra
Make sure that these permissions are granted for orkestra