Success Centre
How can we help?
All Categories
Getting started
Azure SSO

Azure SSO

Using Microsoft Entra (Microsoft Azure Active Directory) for SSO

Last updated on December 13, 2023

Configuring Microsoft Azure Active Directory for SSO

Granting Access

  1. An Admin clicks this link: https://login.microsoftonline.com/organizations/adminconsent?client_id=16f9ef12-7ede-4ed6-8b4c-62fd69d474e1

      2. The link take the organisation a user is currently logged in to and requests admin consent for the Filtered - Content Intelligence Enterprise Application. Microsoft generates the page where you can “Accept” that permissions request. For security concerns, please see Construct the URL for granting tenant-wide admin consent  

      Click “Accept”
      Click “Accept”
       
  1. You will then be able to log into your Content Intelligence using your Microsoft AD account. If you see a 401 error page please contact our Customer Success team using: success@filtered.com

Alternative Way To Grant Access

  1. An admin tries to login with their standard account to app.filtered.com/<instance>
  1. At most companies the user will be prompted to send an admin request for access. Send the request
    1. If not, SSO should already be working
  1. Get the request approved by an admin - review admin consent requests

      2. To review the admin consent requests and take action:

    1. Sign in to the Azure portal as one of the registered reviewers of the admin consent workflow.
    2. Search for and select Azure Active Directory.
    3. From the navigation menu, select Enterprise applications.
    4. Under Activity, select Admin consent requests.
    5. Select My Pending tab to view and act on the pending requests.
    6. Search for “Filtered” to find the pending request.
    7. Grant permission to Filtered
  1. At this point the user should be able to click the Microsoft login button and be taken to their Filtered Instance

Troubleshooting

Prerequisites

Granting tenant-wide admin consent requires you to sign in as a user that is authorized to consent on behalf of the organization. Typically an admin, if this isn’t you then it will be someone who manages your organisations Active Directory team.

To grant tenant-wide admin consent, you need:

  • An Azure AD user account with one of the following roles:
    • Global Administrator or Privileged Role Administrator, for granting consent for apps requesting any permission, for any API.
    • Cloud Application Administrator or Application Administrator, for granting consent for apps requesting any permission for any API, except Azure AD Graph or Microsoft Graph app roles (application permissions).
    • A custom directory role that includes the permission to grant permissions to applications, for the permissions required by the application.

Enterprise Application details

The Application ID and Object ID must match what is shown in your Azure Active Directory Portal if they don’t you have likely created a new application and granted permissions to it instead of to Filtered’s Content Intelligence.

 

Name

Filtered Technologies Limited

Tenant ID

64521441-02ae-4618-8e20-0329cd552e19

Primary domain

Application (client) ID

16f9ef12-7ede-4ed6-8b4c-62fd69d474e1

Object ID

6ce3f9e7-a457-4101-8f8c-c18412b0d915

Did this answer your question?
😞
😐
🤩
Contact Us