My1Login EDS: Azure App Registration

Registration of the My1Login EDS App within Azure 


Info
The My1Login Entra Directory Service (EDS):
  1. enables a Zero-Login experience for your My1Login users so adoption is guaranteed
  2. provides the highest level of customer security by managing client-side encryption keys inside the secure perimeter of your enterprise network
  3. reduces IT administration effort by automating user account lifecycle management that is synchronised with your Entra directory.

  • Sign into the Azure tenant that is to be synchronised with My1Login

  • Access Microsoft Entra ID

  • Click “App registrations” in the sidebar, then click “New registration”

  • Enter a name for the application, i.e. My1Login
    Under “Supported account types”, select “Accounts in this organizational directory only”
    Under “Redirect URI”, select Web and enter the URI:
    - <M1L domain for environment>/Business/Oidc/HandleOidcResponse
    - e.g. for a customer called ACME, this will be: https://acme.my1login.com/Business/Oidc/HandleOidcResponse
    Click “Register”

  • In the sidebar, click “Authentication”
    Under “Implicit grant and hybrid flows”, check both “Access tokens” and “ID tokens”
    Click “Save”

  • In the sidebar, click “API permissions”
    Click “Add a permission”
    Click “Microsoft Graph”

  • Click “Delegated Permissions” and select the following:
    OpenId permissions:
    - email
    - openid
    - profile

  • Go back to the top of the page and click “Application permissions”, then select the following:
    - AdministrativeUnit → AdministrativeUnit.Read.All
    - Group → Group.Read.All
    - User → User.Read.All
    Click “Add permissions”

  • Click “Grant admin consent for <tenant name>” and then click “Yes”
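
To confirm that a registration matches the steps above and has not drifted (extra permissions, extra redirect URIs, a multi-tenant audience), the following added example audits the application object JSON as Microsoft Graph returns it. It is not My1Login code; the function name `audit`, the sample data and the placeholder permission ID ending in `aa` are constructed for illustration, and the ACME URI is the example from this page.

```python
GRAPH = "00000003-0000-0000-c000-000000000000"  # Microsoft Graph resource appId
ACME_URI = "https://acme.my1login.com/Business/Oidc/HandleOidcResponse"
# Microsoft Graph permission IDs; "Scope" = delegated, "Role" = application.
EXPECTED = {
    ("37f7f235-527c-4136-accd-4a02d197296e", "Scope"): "openid",
    ("64a6cdd6-aab1-4aaf-94b8-3cc8405e90d0", "Scope"): "email",
    ("14dbb5b5-cc8e-4d16-b0f5-d0f46b5b2f1e", "Scope"): "profile",
    ("134fd756-38ce-4afd-ba33-e9623dbe66c2", "Role"): "AdministrativeUnit.Read.All",
    ("5b567255-7703-4780-807c-7be8301ae99b", "Role"): "Group.Read.All",
    ("df021288-bdef-4463-88db-98f22de89214", "Role"): "User.Read.All",
}

def audit(app, redirect_uri):
    """Return a sorted list of deviations from the documented configuration."""
    findings = []
    if app.get("signInAudience") != "AzureADMyOrg":
        findings.append("audience: not single-tenant")
    web = app.get("web", {})
    uris = set(web.get("redirectUris", []))
    if redirect_uri not in uris:
        findings.append("redirect: documented URI missing")
    for extra in sorted(uris - {redirect_uri}):
        findings.append(f"redirect: unexpected URI {extra}")
    grant = web.get("implicitGrantSettings", {})
    for key in ("enableAccessTokenIssuance", "enableIdTokenIssuance"):
        if not grant.get(key):
            findings.append(f"implicit: {key} is off")
    seen = set()
    for res in app.get("requiredResourceAccess", []):
        for perm in res.get("resourceAccess", []):
            key = (perm["id"], perm["type"])
            if res.get("resourceAppId") == GRAPH and key in EXPECTED:
                seen.add(key)
            else:  # anything beyond the six documented permissions
                findings.append(f"permission: unexpected {perm['type']} {perm['id']}")
    for key in EXPECTED.keys() - seen:
        findings.append(f"permission: missing {EXPECTED[key]}")
    return sorted(findings)

# Constructed sample: a registration that has drifted from the documented setup.
SAMPLE = {
    "signInAudience": "AzureADMultipleOrgs",
    "web": {"redirectUris": [ACME_URI, "http://localhost/callback"],
            "implicitGrantSettings": {"enableAccessTokenIssuance": True,
                                      "enableIdTokenIssuance": True}},
    "requiredResourceAccess": [{"resourceAppId": GRAPH, "resourceAccess":
        [{"id": i, "type": t} for (i, t) in EXPECTED if EXPECTED[(i, t)] != "Group.Read.All"]
        + [{"id": "00000000-0000-0000-0000-0000000000aa", "type": "Role"}]}],
}
print("\n".join(audit(SAMPLE, ACME_URI)))
```

An empty result means the registration carries exactly the audience, redirect URI, implicit-grant settings and six Graph permissions listed on this page.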
