Secure Messaging

Learning Center

Back to top

Search Results

Azure Active Directory SSO Integration

Azure Active Directory is a Microsoft Azure service which provides identity and access management. Secure Messaging supports single sign on with Azure AD, which means your organization can easily incorporate Secure Messaging into your application base in Azure AD and let your users securely access Secure Messaging.

Azure Active Directory Integration

For basic Azure Active Directory integration, simply send an email to Secure Messaging Support with a subject line of Azure AD SSO Configuration. In the email body, enter the following information:

  • Primary Domain:[Enter the primary domain that your Secure Messaging service was configured for]

That’s It! This will provide Azure AD SSO for all users in your organization. We will reply to your request as soon as configuration is completed.

Should you wish more control over which users can access the Secure Messaging service or would like to customize the Azure AD Login page, then follow the instructions below for Adding an Application to your Azure Active Directory.

Azure Active Directory Integration – Adding Application

  1. On another tab or page, sign into the Azure classic portal. For this configuration, the Azure class portal must be used as the endpoints referenced in the classic portal are critical.
  2. Click on the Active Directory icon on the left menu, and then click on the desired directory.
  3. On the top menu, click Applications. If no apps have been added to your directory, this page will only show the Add an App link. Click on the link, or alternatively you can click on the Add button on the command bar.
  4. On the What do you want to do page, click on the link to Add an application my organization is developing.
  5. On the Tell us about your application page (i.e. [Business Name] Cirius SSO), you must specify a name for your application as well as indicate the type of application you are registering with Azure AD. For Secure Messaging, WEB APPLICATION AND/OR WEB API should be selected.
  6. On the App properties page, provide the Sign-on URL. For Secure Messaging, this should be https://webapp.secure-messaging.com. If you are configured with a custom URL, enter that URL instead. An App ID URL should also be specified. App ID URLs are used to uniquely identify an application within its Azure AD tenant. For Secure Messaging, you can use the Sign-on URL appended with your portal code (e.g. https://webapp.secure-messaging.com/myportalcode). If you are unsure of your portal code, please reach out to Secure Messaging Support.
  7. Your application has been added, and you will be taken to the Quick Start page for your application. You can begin updating your application to enable users to sign into Secure Messaging.

Azure Active Directory Integration – Configuration

  1. Once the application has been created, click on the CONFIGURE tab.
  2. Scroll to the single sign-on section and add a new REPLY URL. Enter a reply URL of https://auth.secure-messaging.com/oauth/response. After entering the URL, click on the SAVE button in the lower right.
  3. Open Notepad or some other application that you can save text from the clipboard to.
  4. Generate an autorization key for Secure Messagong to us by scrolling to the keys section. In the select duration dropdown, select 1 year or 2 years and then click on the SAVE button in the lower right. Once the save process is complete, you should see a new key. Copy the newly generated key to notepad.
  5. Compose an email to Secure Messaging Support with a subject line of Azure AD SSO Configuration. In the email body, enter the following information:
    • Portal Code: [Enter Portal Code provided by Secure Messaging]
    • Application Name: [Enter Application Name specified for the Azure AD Application]
    • Client Id: [Enter the Client Id GUID found on the Application Configuration page]
    • OAUTH 2.0 AUTHORIZATION ENDPOINT: [Click on VIEW ENDPOINTS and copy the OAUTH 2.0 AUTHORIZATION ENDPOINT]
    • Key: [Copy Authorization key generated in an earlier step]
  6. Send email. Secure Messaging will complete the configuration and respond with any additional information required.