Azure Active Directory Integration

VirtualMetric supports Azure Active Directory authentication for user authentications.

You can allow access to your Azure Active Directory users by configuring "App Registration" in your Azure Active Directory, and enabling azureStatus in your web.config file.

1. First, navigate to the ControlPanel directory and open web.config:

C:\Program Files\VirtualMetric\ControlPanel\Web.config

2. Find azureStatus in the appSettings section and change it as true, and restart the VirtualMetric API from IIS Manager:

    <appSettings>
    <add key="primaryApiUrl" value="https://api.virtualmetric.com/API/" />
    <add key="failoverApiUrl" value="" />
    <add key="triggerId" value="3080487f-f3f6-43e2-bd27-7f1886a12816" />
    <add key="apiUser" value="vmapi" />
    <add key="apiPassword" value="727c9b3a51eb3407c7cc21c45d84bb28" />
    <add key="azureStatus" value="true" />
    </appSettings>

3. After enabling azureStatus, you will see the Sign in with Microsoft button on the logon screen:

4. Now you need to register the application in Azure Portal. You can follow the steps below to create an application registration.

5. Click on Microsoft Entra ID

6. Navigate to App Registrations and click the New Registration button.

7. Type your application name and select an account type. You need to type VirtualMetric API's address for Redirect URI. Complete the registration by clicking the Register button.

8. After registering the application, enable Access Token and ID Token grants under the Authentication options.

9. Add an optional email claim under token configuration.

10. Add your role configuration under the appRoles section, and save the manifest file.

The completed configuration should look like this:

"appRoles": [
	{
		"allowedMemberTypes": [
			"User"
		],
		"description": "Users with readonly access",
		"displayName": "VirtualMetricUserRole",
		"id": "18d14569-c3bd-439b-9a66-3a2aee01d14c",
		"isEnabled": true,
		"lang": null,
		"origin": "Application",
		"value": "VirtualMetricUserRole"
	},
	{
		"allowedMemberTypes": [
			"User"
		],
		"description": "Users with admin access",
		"displayName": "VirtualMetricAdminRole",
		"id": "18d14569-c3bd-439b-9a66-3a2aee01d14f",
		"isEnabled": true,
		"lang": null,
		"origin": "Application",
		"value": "VirtualMetricAdminRole"
	},
	{
		"allowedMemberTypes": [
			"User"
		],
		"description": "msiam_access",
		"displayName": "msiam_access",
		"id": "b9632174-c057-4f7e-951b-be3adc52bfe6",
		"isEnabled": true,
		"lang": null,
		"origin": "Application",
		"value": null
	}
],

11. Note the Application (client) ID, Directory (tenant) ID, and RedirectURI parameters. You will update the appropriate fields in Advanced Settings.

12. In Advanced Settings, search for Azure and you will see the Azure Active Directory settings. Set Azure Active Directory Client ID, Azure Active Directory Tenant ID, and Azure Active Directory Redirect Uri variables as per the table below.

13. Create the user groups for VirtualMetric under Microsoft Azure -> User Groups.

14. Add the roles you have written to the manifest file.

15. Now go back to Azure and click on Enterprise Applications.

15. Under All Applications, search for and click on the application related to VirtualMetric.

16. Now you can add a user to the group and test it.

16. Add your user and role, and then click on assign.

17. Now you can navigate to the Logon Screen to test your Azure Active Directory authentication. Click the "Sign in with Microsoft" button to redirect to the Azure Active Directory authentication page.

18. On your first login, you can grant access and start a VirtualMetric session.

19. Under the Microsoft Azure -> User section, you can see the users created with Azure.