Microsoft Azure AD

Instructions for setting up Microsoft Azure AD as your Identity Provider

In Azure AD Admin: Create an App Registration

An administrator for your company's Microsoft Azure AD needs to log in to the portal and follow the steps below to create an App Registration.

Navigate to the App Registrations section of the portal. You can find this section by searching for App Registrations or as part of the Azure Active Directory section of the portal.

Select + New Registration

Enter Pushly for the Name and choose the appropriate Account Type that should have access to log in.

Under Redirect URI choose "Web" and enter the following value:

Click the Register button

On the next page copy the Client ID and then click the Certificates and Secrets item in the left menu bar.

On this page ensure the Client Secrets tab is selected and then click the + New client secret button. Enter a description, choose the expiration length (we recommend 24 months) and then click the Add button.

You will need to generate a new Client Secret and upload it to the platform every time the secret expires. For example, if you choose 24 months for the expiration length you will need to generate a new secret and add it to the platform every 2 years.

After clicking the Add button make sure you copy the newly generated Value on the resulting page as it will only show once. This value will be used as the Client Secret along with the Client ID when setting up the integration in the platform.

Next, click the Token configuration item in the left menu bar.

On this resulting page click the + Add optional claim button and then choose the ID Token radio button.

From the list of claims add the email and upn claims and then click the Add button.

An additional modal will be shown at the top of the slide-out that asks you to confirm adding the email and profile permission to the Microsoft graph. Click the checkbox to confirm adding these permissions and then click the Add button to complete the App Registration set up.

Pushly: Create the Microsoft Azure AD Provider

Now that you have your Client ID and Client Secret you can log into the platform and navigate to your Organization Settings page.

Next, click the Security tab and then click the Add Provider button.

Choose Microsoft Azure AD from the Provider Type dropdown.

Enter the Azure AD Domain and then fill in the Client ID, and Client Secret that was generated in the first section of this documentation.

Within the Associated Domains text area enter each domain name that your organization will be using to to log in via Azure AD on a separate line. For example, if your email address is then you would enter

Once the provider has been successfully created you can begin inviting users to the platform. Any user invited that has an email address that matches one of the emails provided in Email Domains will be sent through Azure AD for authentication.

Last updated