This tutorial will guide you through the process of seamlessly
integrating EntraID / AzureAD with WorkFlex.
1. Access Azure Admin portal
Go to Azure Admin Portal.
2. Manage Microsoft Entra ID
Navigate to Microsoft Entra ID Management and click on "+ Add"
Select "App registration"
3. Configure SSO app
Enter a name for the new SSO App, e.g., "WorkFlex SSO App" and choose "Web" as the platform and enter the provided redirect URI you received from us.
After that, note the "Application (client) ID" and "Directory (tenant) ID" for later use in WorkFlex.
4. Manage certificates & secrets
Go to "Certificates & secrets" to create a new client secret.
Click "+ New client secret", provide a description, select an expiry (recommend a long period), and save the secret value securely.
Remember to set a reminder for secret expiry as it needs updating in WorkFlex when it expires.
5. Configure token for email claim
Access "Token Configuration" in the side menu.
Click "+ Add optional claim"
Select "ID" as Token type, and "email" for the claim
If prompted, check the checkbox “Turn on Microsoft Graph email permission" and click "Add".
6. Manage API permissions
Navigate to "API permissions" to verify Microsoft Graph, email, and User.
Read permissions.
If not present, add them via "Add a permission".
Click "Grant admin consent for <CompanyName>" and approve in the popup.
The “Status” in the table should now have changed to
