Skip to main content
All CollectionsNaverisk 3rd Party Integrations
Microsoft Entra integration - SSO
Microsoft Entra integration - SSO

How to setup single-sign on

Updated over 6 months ago

Create Microsoft Entra Application

  1. Login to Microsoft Azure: https://portal.azure.com/

  2. Pop up the menu bar by clicking the ‘Hamburger’ in the top left:

  3. Select ‘Microsoft Entra ID’:

  4. Select ‘App registrations’:

  5. Click ‘+New registration':

  6. Complete the registration:
    Enter a suitable Name: eg Naverisk SSO
    Select “Accounts in this organizational directory only
    Select “Single-page application (SPA)” with the external URL of the Naverisk website eg https:/qascale.naverisk.com

  7. Click ‘Register

  8. Take note of the displayed 'Application (client) ID' and the 'Directory (tenant) ID' values and record them for later usage:

  9. Click ‘Certificates & secrets

  10. Click ‘+New client secret

  11. In the right side pane, enter a suitable Description eg Naverisk SSO and select the desired expiration period.
    Click ‘Add’

  12. Take note of and record the 'Value' as this will be required later on

  13. Click ‘API permissions’ and check the granted permissions

User.Read is required.
offline_access, openid and profile appear to get added automatically when a SSO user logs in and grants permission for, on first logon.

Configuring Microsoft Entra in Naverisk

  1. Navigate to Settings → Microsoft Entra

  2. Select the Client you wish to allow MS Entra authentication for from the pop out list on the left

    Then expand out the configuration using the chevron on the right:

  3. Enter the Guids obtained when creating the Microsoft Entra Application:

    Naverisk Tenant ID = Microsoft Entra Directory (tenant) ID

    Naverisk Client ID = Microsoft Entra Application (client) ID

    Naverisk Client Secret = Microsoft Entra Value

    And click ‘Save’

    The Integration should now show as ‘Connected’ in the top right:

  4. Tick the Microsoft Entra Enabled checkbox and click 'Save' to enable Naverisk User Logons to switch to Entra as an authentication option:

    When this option is enabled, Naverisk users can switch to switch to Entra as an authentication option

    This can be done either by the user for themselves under Home → My Profile → Settings:

    Or this can be done by a Naverisk Administrator under Settings → Users & Groups → Settings:

    If this option is disabled, existing Users assigned to Microsoft Entra will continue to authenticate via Entra, but this will not be a selectable option for new user logons.

    NOTE: For the Microsoft Entra to succesfully sign in, the configured User Email Address must match the MS Entra account login:

macOS Safari

Safari has an additional security option that prevents the Microsoft Entra authentication window from appearing.

This can be disabled with the following steps:

  1. Open Safari

  2. In the file Menu select Safari → Preferences

  3. In the pop up window select Websites → Pop-up Windows

  4. In the bottom right corner, change the ‘Block and Notify’ dropdown and set it to ‘Allow

Did this answer your question?