This guide shows the steps needed to create a Microsoft Entra ID application that can be used with Moveshelf SSO. For now, this guide and Moveshelf's application still refer to this application by its former name: Azure Active Directory (AAD). Please contact Moveshelf support if an alternative solution to Entra ID/AAD is used.
Create the application
Start by creating a new AAD app:
Fill in application details
Fill in your application details. You should select which option you need for supported account types based on your own case. To connect your organization with our environments, the redirect URI should be:
Add the following claims to the application ID token in order to let Moveshelf receive the necessary information to create and manage the users.
Create a client secret token
Create a client secret token and write down the Value; you will not be able to retrieve it again. Expiration is handled manually for now; we suggest setting it to 2 years. Write down the Expires date too.
Get application information
Write down your Application Client ID and Directory Tenant ID.
Configure access to your new application
By default, all users in your Azure organization will be able to access the application and perform SSO. Our advice is to limit SSO access through this app to the users/groups assigned to it. To do so, first configure access for a user or a group of users (see image 1). Note: we suggest giving key Moveshelf users Ownership of the Azure AD group, so that they can independently control access to Moveshelf. To make sure only the configured group has access to Moveshelf, you also have to enable the User assignment required option (disabled by default); this is shown in image 2.
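A check for the two settings above that are easiest to lose track of, the secret's Expires date and the User assignment required option, as an added example that is not Moveshelf's or Microsoft's code. It assumes the app registration and its enterprise application (service principal) have been exported as JSON in Microsoft Graph shape (`passwordCredentials[].endDateTime`, `appRoleAssignmentRequired`); the sample objects, the `moveshelf-sso` secret name and the 60-day warning window are constructed.

```python
import json
from datetime import datetime, timedelta, timezone

# Constructed sample objects in Microsoft Graph shape (not real tenant data).
SAMPLE_APPLICATION = json.loads("""
{
  "appId": "00000000-0000-0000-0000-000000000000",
  "passwordCredentials": [
    {"displayName": "moveshelf-sso", "endDateTime": "2026-03-01T00:00:00Z"}
  ]
}
""")
SAMPLE_SERVICE_PRINCIPAL = {"appRoleAssignmentRequired": False}


def parse_graph_time(value):
    """Graph timestamps are UTC; keep seconds precision (first 19 chars)."""
    parsed = datetime.strptime(value[:19], "%Y-%m-%dT%H:%M:%S")
    return parsed.replace(tzinfo=timezone.utc)


def audit_sso_app(application, service_principal, now, warn_days=60):
    """Return findings for the app registration and its enterprise app."""
    findings = []
    # "User assignment required" in the portal maps to this Graph property.
    if not service_principal.get("appRoleAssignmentRequired", False):
        findings.append("assignment-not-required: every tenant user can sign in")
    secrets = application.get("passwordCredentials", [])
    if not secrets:
        findings.append("no-client-secret")
    for cred in secrets:
        name = cred.get("displayName") or cred.get("keyId", "unnamed")
        end = cred.get("endDateTime")
        if end is None:
            findings.append(f"secret-no-expiry: {name}")
            continue
        remaining = parse_graph_time(end) - now
        if remaining <= timedelta(0):
            findings.append(f"secret-expired: {name}")
        elif remaining <= timedelta(days=warn_days):
            findings.append(f"secret-expiring: {name} in {remaining.days} days")
    return findings


if __name__ == "__main__":
    now = datetime.now(timezone.utc)
    for line in audit_sso_app(SAMPLE_APPLICATION, SAMPLE_SERVICE_PRINCIPAL, now):
        print(line)
```

An empty result means assignment is required and no secret is expired or inside the warning window.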
Send the application information to Moveshelf
In order to set up your application, you will need to send the Application Client ID, the Directory Tenant ID, the secret token Value and its Expires date to Moveshelf support.