Setting up Entra ID (Azure AD) SSO for NordLayer Service Management Portal
  • 2 Minutes to read

    Setting up Entra ID (Azure AD) SSO for NordLayer Service Management Portal


      Article summary

      Integrating Entra ID (Azure AD) single sign-on (SSO) makes it possible to make a user journey seamless when logging into the Service Management Portal.

      To set up Entra ID (Azure AD) you’ll need to obtain Application (client) ID, Directory (Tenant), and Generated Client Secret Value.

      Follow these steps to obtain all the needed values for your Entra ID (Azure AD) integration:

      1. Start by logging into your Entra ID panel
      2. Select App registrations in the main menu
      3. Click on New registration
      4. In the Name field, input NordLayer
      5. Choose your supported account types
      6. Click Register at the bottom of the page
      7. In the newly opened page, select the API permissions tab on the left
      8. Click Add a permission
      9. Select Microsoft Graph and opt for Delegated permissions
      10. Under OpenId permissions, mark profile and email. Ensure User.Read under User is checked.
      11. Press Add permissions to confirm your selections
      12. Click Grant admin consent for to grant consent for all users
      13. Select Yes in the confirmation prompt
      14. Navigate to the Token configuration tab
      15. Select Add optional claim and choose Token type - ID. Also, mark claims: email, upn and press Add to confirm your selections
      16. Open the Authentication tab in the left menu
      17. Select Add a platform at the top
      18. Choose Web
      19. In the Redirect URls field, enter:
      https://partner-api.nordlayer.com/v1/tokens/oauth/resolution
      
      1. At Implicit grant and hybrid flows, check Access tokens and ID tokens
      2. Save the changes by clicking on Configure at the bottom
      3. Open Overview in the left menu
      4. Copy the Application (client) ID and keep it safe
      5. Copy the Directory (Tenant) ID and keep it safe
      6. Open the Certificates & secrets tab in the left menu
      7. Choose the Client secrets tab and press New client secret
      8. In the description field, enter NordLayer
      9. In the expiry field, select 24 months
      10. To save the changes, click on Add at the bottom
      Please note

      The generated client secret value is only shown only once

      1. Once you obtain all the needed values, you can set up a log-in to the Service Management Portal using Entra ID (Azure ID):

      Go to the NordLayer Service Management Portal
      Change Azure AD to Entra ID 1.png

      Navigate to Settings and click Login methods.

      Change Azure AD to Entra ID-14.png

      Choose Entra ID (Azure AD) and input the copied values

      Once you submit this information, your organization's members will be able to log into the Service Management Portal using Entra ID (Azure AD).

      Note: It's possible to have multiple SSO methods enabled concurrently.

      In case you have any questions or are experiencing any issues, please feel free to contact our 24/7 customer support team.


      Was this article helpful?