Azure Active Directory Integration
Last updated
Last updated
VirtualMetric supports Azure Active Directory authentication for user authentications.
You can allow access to your Azure Active Directory users by configuring "App Registration" in your Azure Active Directory, and enabling azureStatus in your web.config
file.
1. First, navigate to the ControlPanel
directory and open web.config
:
2. Find azureStatus
in the appSettings
section and change it as true
, and restart the VirtualMetric API from IIS Manager:
3. After enabling azureStatus
, you will see the Sign in with Microsoft button on the logon screen:
4. Now you need to register the application in Azure Portal. You can follow the steps below to create an application registration.
5. Click on Microsoft Entra ID
6. Navigate to App Registrations and click the New Registration button.
7. Type your application name and select an account type. You need to type VirtualMetric API's address for Redirect URI. Complete the registration by clicking the Register button.
Please make sure to enable SSL on VirtualMetric API, and use an HTTPS FQDN in the RedirectURI Parameter. You can check the Setup SSL Certificate on VirtualMetric section to learn how to activate SSL.
8. After registering the application, enable Access Token and ID Token grants under the Authentication options.
9. Add an optional email claim under token configuration.
10. Add your role configuration under the appRoles
section, and save the manifest file.
The completed configuration should look like this:
11. Note the Application (client) ID, Directory (tenant) ID, and RedirectURI parameters. You will update the appropriate fields in Advanced Settings.
12. In Advanced Settings, search for Azure and you will see the Azure Active Directory settings. Set Azure Active Directory Client ID, Azure Active Directory Tenant ID, and Azure Active Directory Redirect Uri variables as per the table below.
Azure Active Directory Client ID
Application (client) ID
Azure Active Directory Tenant ID
Directory (tenant) ID
Azure Active Directory Redirect Uri
RedirectURI
When a user wants to authenticate via Azure Active Directory, VirtualMetric looks for their email address. If the AzureAD user and the VirtualMetric user has the same email address, the user will be authenticated automatically. See the Adding New User to VirtualMetric section for further details.
Visibility of Azure Active Directory Elements should be Active
After setting the parameters, you should reset IIS with iisreset on the dashboard servers.
13. Create the user groups for VirtualMetric under Microsoft Azure -> User Groups.
14. Add the roles you have written to the manifest file.
15. Now go back to Azure and click on Enterprise Applications.
15. Under All Applications, search for and click on the application related to VirtualMetric.
16. Now you can add a user to the group and test it.
16. Add your user and role, and then click on assign.
17. Now you can navigate to the Logon Screen to test your Azure Active Directory authentication. Click the "Sign in with Microsoft" button to redirect to the Azure Active Directory authentication page.
18. On your first login, you can grant access and start a VirtualMetric session.
19. Under the Microsoft Azure -> User section, you can see the users created with Azure.