Naverisk

Login to Microsoft Azure: <a href="https://portal.azure.com/" rel="nofollow noopener noreferrer" target="_blank">https://portal.azure.com/</a>

Pop up the menu bar by clicking the ‘Hamburger’ in the top left:

Complete the registration: Enter a suitable Name: eg Naverisk SSO Select “Accounts in this organizational directory only” Select “Single-page application (SPA)” with the external URL of the Naverisk website eg https:/qascale.naverisk.com

Take note of the displayed 'Application (client) ID' and the 'Directory (tenant) ID' values and record them for later usage:

Click ‘Certificates &amp; secrets’

In the right side pane, enter a suitable Description eg Naverisk SSO and select the desired expiration period. Click ‘Add’

Take note of and record the 'Value' as this will be required later on

Click ‘API permissions’ and check the granted permissions

1. Login to Microsoft Azure: <a href="https://portal.azure.com/" rel="nofollow noopener noreferrer" target="_blank">https://portal.azure.com/</a>
2. Pop up the menu bar by clicking the ‘Hamburger’ in the top left:
 
 
 
3. Select ‘Microsoft Entra ID’:
 
 
 
4. Select ‘App registrations’:
 
 
 
5. Click ‘+New registration':
 
 
 
6. Complete the registration: Enter a suitable Name: eg Naverisk SSO Select “Accounts in this organizational directory only” Select “Single-page application (SPA)” with the external URL of the Naverisk website eg https:/qascale.naverisk.com
 
 
 
7. Click ‘Register’
8. Take note of the displayed 'Application (client) ID' and the 'Directory (tenant) ID' values and record them for later usage:
 
 
 
9. Click ‘Certificates &amp; secrets’
 
 
 
 
10. Click ‘+New client secret’
 
 
 
11. In the right side pane, enter a suitable Description eg Naverisk SSO and select the desired expiration period. Click ‘Add’
 
 
 
 
12. Take note of and record the 'Value' as this will be required later on
 
 
 
13. Click ‘API permissions’ and check the granted permissions

User.Read is required. offline_access, openid and profile appear to get added automatically when a SSO user logs in and grants permission for, on first logon.

Select the Client you wish to allow MS Entra authentication for from the pop out list on the left

Then expand out the configuration using the chevron on the right:

Enter the Guids obtained when creating the Microsoft Entra Application:

Naverisk Tenant ID = Microsoft Entra Directory (tenant) ID

Naverisk Client ID = Microsoft Entra Application (client) ID

Naverisk Client Secret = Microsoft Entra Value

The Integration should now show as ‘Connected’ in the top right:

Tick the Microsoft Entra Enabled checkbox and click 'Save' to enable Naverisk User Logons to switch to Entra as an authentication option:

When this option is enabled, Naverisk users can switch to switch to Entra as an authentication option

This can be done either by the user for themselves under Home → My Profile → Settings:

Or this can be done by a Naverisk Administrator under Settings → Users &amp; Groups → Settings:

If this option is disabled, existing Users assigned to Microsoft Entra will continue to authenticate via Entra, but this will not be a selectable option for new user logons.

NOTE: For the Microsoft Entra to succesfully sign in, the configured User Email Address must match the MS Entra account login:

1. Navigate to Settings → Microsoft Entra
 
 
 
2. Select the Client you wish to allow MS Entra authentication for from the pop out list on the left
 Then expand out the configuration using the chevron on the right:
 
 
 
3. Enter the Guids obtained when creating the Microsoft Entra Application:
 Naverisk Tenant ID = Microsoft Entra Directory (tenant) ID
 Naverisk Client ID = Microsoft Entra Application (client) ID
 Naverisk Client Secret = Microsoft Entra Value
 And click ‘Save’
 The Integration should now show as ‘Connected’ in the top right:
 
 
4. Tick the Microsoft Entra Enabled checkbox and click 'Save' to enable Naverisk User Logons to switch to Entra as an authentication option:
 
 
 
 
 When this option is enabled, Naverisk users can switch to switch to Entra as an authentication option
 
 
 This can be done either by the user for themselves under Home → My Profile → Settings:
 
 Or this can be done by a Naverisk Administrator under Settings → Users &amp; Groups → Settings:
 
 
 
 
 If this option is disabled, existing Users assigned to Microsoft Entra will continue to authenticate via Entra, but this will not be a selectable option for new user logons.
 
 NOTE: For the Microsoft Entra to succesfully sign in, the configured User Email Address must match the MS Entra account login:

Safari has an additional security option that prevents the Microsoft Entra authentication window from appearing.

This can be disabled with the following steps:

In the file Menu select Safari → Preferences

In the pop up window select Websites → Pop-up Windows

In the bottom right corner, change the ‘Block and Notify’ dropdown and set it to ‘Allow’

1. Open Safari
 
 
 
2. In the file Menu select Safari → Preferences
 
 
 
3. In the pop up window select Websites → Pop-up Windows
 
 
 
4. In the bottom right corner, change the ‘Block and Notify’ dropdown and set it to ‘Allow’

Create Microsoft Entra Application

Configuring Microsoft Entra in Naverisk

macOS Safari