External authentication with Microsoft Entra ID (Previously Azure AD)

Summary Presentation Features Prerequisites Steps to implement authentication Registering users to SSO Compilatio Learn about other external authentication systems Return to the overview of external authentication systems

1. Presentation

Microsoft Entra ID (Previously Azure AD) single sign-on (SSO), after being added and configured in the facility's tenant, allows its users to log in with their Microsoft credentials. The facility selects which users can use single sign-on to log into Compilatio. The Compilatio Magister account is created automatically the first time the user logs in with their Microsoft account information (first name, last name, email address).

2. Features

3. Prerequisites

Make sure you have the appropriate roles in Microsoft Entra ID (Previously Azure AD): you must be an application administrator or global administrator.

As a reminder, authentication with Microsoft Entra ID is limited to non-student faculty and staff.

4. Steps to implement authentication

1. Log in to Microsoft Azure (You must be an administrator), go to Microsoft Entra ID tab Application registration then click on New application.

2. Fill in the form to register an application. In Redirection URL select Web and enter "https://app.compilatio.net/api/private/authentication/login/microsoft?group_id=id_of_group_sent_by_compilatio"
   
   

3. In the tab Authentication of the application, check Access Tokens and ID Tokens in the part Implicit grant and hybrid flows.

4. In the tab Application Roles click on Create an application role and enter

   • Display name: for example "Compilatio user".

   • Authorized member types: users/groups

   • Value: CompilatioUser

5. In the tab Overview of the application, copy the Application ID and the Directory ID and send them to"support@compilatio.net".

5. Registering users to SSO Compilatio

1. In Microsoft Entra ID click on the tab Enterprise applications then click on the previously created application.
2. In the tab Users and groups click on Add a user / group.
3. Select the users or groups you want to enroll in Compilatio SSO and select the previously created role.

---

Learn about other external authentication systems:

• External authentication with Shibboleth federated RENATER / EduGAIN

• External authentication with unfederated Shibboleth

• External authentication CAS (Central Authentication Service)

• External authentication LDAP (Lightweight Directory Access Protocol)

Return to the overview of external authentication systems :

• What is an external authentication system?

📌 Questions about Magister, Magister+, plagiarism or AI?

Get answers live during our "Q&A Webinar".
👉 Register for the next session 

This article has been automatically translated. If you notice a translation error, please contact us.