Entra OpenID Connect Setup

Created by Design Team, Modified on Wed, Apr 30 at 2:35 PM by Design Team

This document is designed to assist CP Handheld clients with the setup steps necessary within their Entra tenant in order to enable SSO (Single Sign On) with Vinpoint.


Note: Setting up SSO with Entra OpenID Connect requires prior coordination with our support team. Please do not attempt to configure this feature without first contacting support, as it involves specific prerequisites and access permissions.





The Entra values listed in the table below are required to create a new connection. Follow the steps below to retrieve these values, populate them in the table, and provide the information to CP Handheld.




Step | Value | How to retrieve
1 | Primary Domain | Retrieve the Primary Domain for your Entra ID
2 | Application (client) ID | Retrieve the Application ID
3 | Client Secret | Registering a Client Secret
4 | Additional Domains | If there are email addresses on a different domain than the Primary Domain listed above, please provide a list of these domains.






Additional information regarding Auth0 Enterprise Connections configuration can be found here.




Retrieve the Primary Domain for your Entra ID Connection


Connect to the Azure Portal and open your Microsoft Entra ID Tenant. On the Tenant Overview screen, copy the Primary Domain and populate the value in the table on the first page of this document.





Register the Application


In the left-hand menu, select “App Registrations” to open the App registrations screen for your Entra ID connection. 




Click “New registration” at the top of the screen to begin registering the application.





Enter a user-friendly name for the application registration. We suggest “Vinpoint”.




Select the Supported account types that you would like to associate with your application.




If you would like additional information regarding which account type you should select, click the “Help me choose...” link located directly below the list of options. 




In the Redirect URI section, “Select a platform” dropdown, select “Web”.




Enter the following URL in the redirect URI field: https://login.cphandheld.io/login/callback




Click “Register” to create your Entra App Registration.




Enabling the UPN Claim


In the menu on the left for your App Registration, select the “Token configuration” link, then click the “Add optional claim” button to begin adding the upn claim.





Select the ID radio button under Token type and select “upn” from the list of claims.




Once you click “Add” you will most likely receive a prompt stating “Some of these claims (upn) require OpenId Connect scopes to be configured through the API permissions page or by checking the box below.” 




Check the “Turn on the Microsoft Graph profile permission” box and click “Add”.





The UPN claim should now be enabled on your application.




Retrieve the Application (client) ID value


Once the application has been registered, click the Copy to clipboard button on the right side of the Application (client) ID value.  




Add this value to the table on the first page of this document.





Registering a Client Secret for the Application


In the menu on the left for your App Registration, select the “Certificates & secrets” link, then click the “New client secret” button to begin registering a new Client Secret.





Enter a user-friendly Description for the Application’s Client Secret, then use the “Expires” dropdown to select how long this App Registration’s client secret should remain valid.




IMPORTANT NOTE


After selecting a duration from the dropdown, we recommend setting a calendar reminder to generate a new Client Secret for this app registration before the expiration date you selected. Before the client secret expires, you will need to create a new Client Secret and provide the updated value to CP Handheld to ensure the Enterprise Connection remains active.





Click “Add” to add the new Client Secret. Once the secret has been added, do not navigate away from the Certificates & secrets page, because the Value can only be viewed at this time.




Click the “Copy to clipboard” button found on the right side of the Value field to copy the Client Secret value. 




Enter the value in the Client Secret section of the table on the first page of this document. 





Provide the values from the first page of this document to CP Handheld in order for them to complete the remainder of the SSO setup.
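
The following check is an added example and is not part of the original CP Handheld guide. It reviews an exported app registration against the settings configured above (redirect URI, upn optional claim, client secret expiry). It assumes the registration is exported as a Microsoft Graph application object, for example with `az ad app show --id <appId>`; the function names, the 30-day warning window and the sample data are constructed for illustration.

```python
from datetime import datetime, timezone

EXPECTED_REDIRECT = "https://login.cphandheld.io/login/callback"  # redirect URI from this guide

# Constructed sample, shaped like the JSON from `az ad app show --id <appId>`.
SAMPLE_APP = {
    "displayName": "Vinpoint",
    "web": {"redirectUris": [EXPECTED_REDIRECT]},
    "optionalClaims": {"idToken": [{"name": "upn", "essential": False}]},
    "passwordCredentials": [
        {"displayName": "Vinpoint SSO", "endDateTime": "2025-06-15T00:00:00Z"}
    ],
}


def parse_utc(ts):
    # Assumes the timestamp is UTC (as Graph returns it); fractional seconds are dropped.
    return datetime.strptime(ts[:19], "%Y-%m-%dT%H:%M:%S").replace(tzinfo=timezone.utc)


def check_app(app, now, warn_days=30):
    """Return a list of findings; an empty list means the registration matches the guide."""
    findings = []
    uris = (app.get("web") or {}).get("redirectUris") or []
    if EXPECTED_REDIRECT not in uris:
        findings.append("redirect URI missing: " + EXPECTED_REDIRECT)
    # Any other redirect URI on this registration is worth a second look.
    findings += ["unexpected redirect URI: " + u for u in uris if u != EXPECTED_REDIRECT]
    id_claims = (app.get("optionalClaims") or {}).get("idToken") or []
    if not any(c.get("name") == "upn" for c in id_claims):
        findings.append("upn optional claim not enabled on the ID token")
    secrets = app.get("passwordCredentials") or []
    if not secrets:
        findings.append("no client secret registered")
    for s in secrets:
        label = s.get("displayName") or "(unnamed)"
        expires = parse_utc(s["endDateTime"])
        if expires <= now:
            findings.append(f"client secret '{label}' has expired")
        elif (expires - now).days <= warn_days:
            findings.append(f"client secret '{label}' expires in {(expires - now).days} days")
    return findings


if __name__ == "__main__":
    # Fixed "now" so the constructed sample gives a stable result.
    for line in check_app(SAMPLE_APP, datetime(2025, 6, 1, tzinfo=timezone.utc)) or ["OK"]:
        print(line)
```

The export contains no secret values, only their metadata, so the check can be run on a schedule alongside the calendar reminder.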
