1. Help center
  2. Settings & Security

Setup AzureAD SSO Access to MineOS

Enable SSO access to your MineOS account for you and your team through the Identity Provider AzureAD.

Before you start, make sure you have:

  • An Azure account
  • MineOS enterprise account

How to create an app on AzureAD:

To register your app with Azure AD, see Microsoft's Quickstart: Register an application with the Microsoft identity platform

During registration, configure the following settings:

  • Name: MineOS (or any relevant name you prefer)
  • Supported account types: To allow users from external organizations (like other Azure AD directories), choose the appropriate multi-tenant option. Multi-tenant options include the following: Accounts in any organizational directory (Any Azure AD directory - Multi-tenant).
  • Redirect URI: Select the Web platform, and enter:
    https://mineos-b2b.eu.auth0.com/login/callback

 

Screenshot 2023-05-20 at 22.30.13


  • On the left side menu, click Token Configuration.
  • Click Add optional claims, select ID and check email, family_name, and given_name
  • Click Add

    Screenshot 2023-06-16 at 10.23.53
  • On the left side menu, click API Permissions
  • Click "Grant admin consent for <your company name>"
  • Wait a few seconds, and confirm that the Status column has changed to Granted (Green checkmark) for all permissions.

Creating a Client Secret on AzureAD

If you set up an expiring secret, please make sure to record the expiration date. You will need to renew the key before that day to avoid a service interruption.

 

Screenshot 2023-05-20 at 22.31.37

 

Once the client secret has been created, make a note of its value.

Share the following information to your MineOS customer success manager:

  • Azure AD primary domain (you can find it under Azure -> Active Directory -> Primary Domain)
  • Email Domain
  • Application (client) ID (this can be found in the app's overview page)
  • Client Secret value
  • Supported account types (multi-tenant or single organization)

Don't forget to assign this app to users in your organization that need access to MineOS.