Federating using Entra ID (Azure) through Admin Center

Description of Issue

Federating using Entra ID (Azure) through Admin Center

Context
  • Federation

  • Entra ID (Azure)

  • Tyler Identity Workforce

  • Admin Center

  • Organization Admin

  • Okta

  • Identity Provider

Cause

The organization needs to federate using Entra ID.

Resolution

Federation (client side)

  1. Log in to your organization’s Entra ID Portal at https://entra.microsoft.com

  2. From the left-side navigation pane, expand Identity > Applications and select App registrations

  3. From the App Registrations section, click the + New registration button at the top of the page.

  4. In the Register an application screen, make the following changes:

    1. Name: TylerIdentityWorkforceIntegration

    2. Supported Account Type: select Accounts in this organizational directory only

    3. Redirect URL (Select a platform) drop-down box: select Web

    4. Redirect URL textbox:
      https://tyler-<customeridentifier>.okta.com/oauth2/v1/authorize/callback

  5. From the Overview page, copy the Application (client) ID and the Directory (tenant) ID

  6. Select Certificates & secrets from the Manage section of the navigation bar

  7. Ensure the Client Secrets tab is selected and click the + New client secret button

  8. In the Add a client secret pop-up window, enter the following:

    1. Description: TylerIdentityWorkforceIntegration

    2. Expires: 730 days (24 months). Note: Tyler recommends setting the expiration period as long as possible to reduce the need to reconfigure your federation in TID-W when the secret expires. However, always consult your own internal security posture for the best recommendation.

    3. Click the Add button when finished

  9. Ensure you are returned to the Certificates and Secrets section with the Client secrets tab selected, then find the secret Value and click Copy

Admin Center 

  1. Log in to Admin Center (see How to gain Org Admin access to Admin Center)

  2. Navigate to Settings > Domains to add the desired authentication domains

  3. Navigate to Identity workforce > identity providers > Add a new provider > Azure 

  4. Input Azure information 

    1. Name - Tylertown, ME

    2. Client ID - xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

    3. Client Secret - can vary in length and characters 

    4. Secrets expiration - MM/DD/YYYY

    5. Email Domains - Authenticating domains for Entra 

    6. Azure Tenant ID - xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

  5. Select Save
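
The following pre-flight check is an added example, not Tyler or Microsoft tooling. It validates the values copied from Entra ID before they are entered in Admin Center, including the common mistake of copying the GUID-shaped Secret ID instead of the secret Value. The function name, the 60-day rotation window, the customer identifier character set, and all sample values are assumptions.

```python
import re
from datetime import date, datetime, timedelta

GUID = re.compile(r"^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$")
# Redirect URL form from the Entra ID steps; the identifier charset is an assumption.
REDIRECT = re.compile(r"^https://tyler-[a-z0-9-]+\.okta\.com/oauth2/v1/authorize/callback$")
MAX_LIFETIME = timedelta(days=730)  # expiry setting named in the steps
WARN_BEFORE = timedelta(days=60)    # assumed rotation lead time; set per internal policy


def check_federation_inputs(cfg, today):
    """Return a list of problems found in the values destined for Admin Center."""
    problems = []
    for field in ("client_id", "tenant_id"):
        if not GUID.match(cfg.get(field, "")):
            problems.append(f"{field}: not a GUID")
    secret = cfg.get("client_secret", "")
    if not secret:
        problems.append("client_secret: empty")
    elif GUID.match(secret):
        # Entra lists a GUID "Secret ID" beside the secret Value; only the Value authenticates.
        problems.append("client_secret: looks like the Secret ID, not the secret Value")
    if not REDIRECT.match(cfg.get("redirect_url", "")):
        problems.append("redirect_url: does not match the expected callback form")
    try:
        expires = datetime.strptime(cfg.get("secret_expiration", ""), "%m/%d/%Y").date()
    except ValueError:
        problems.append("secret_expiration: not MM/DD/YYYY")
        return problems
    if expires <= today:
        problems.append("secret_expiration: secret has already expired")
    elif expires - today > MAX_LIFETIME:
        problems.append("secret_expiration: more than 730 days out, re-check the date")
    elif expires - today <= WARN_BEFORE:
        problems.append("secret_expiration: inside the rotation window")
    return problems


# Constructed sample values, not real identifiers or secrets.
SAMPLE = {
    "client_id": "11111111-2222-3333-4444-555555555555",
    "tenant_id": "aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee",
    "client_secret": "constructed-sample-value~not.a.real.secret",
    "secret_expiration": "06/30/2027",
    "redirect_url": "https://tyler-exampletown.okta.com/oauth2/v1/authorize/callback",
}

if __name__ == "__main__":
    for line in check_federation_inputs(SAMPLE, date(2025, 7, 1)) or ["all checks passed"]:
        print(line)
```

Running the same check on a schedule against the recorded expiration date gives advance notice before the secret lapses and the federation needs to be reconfigured.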

Additional Information
