These instructions are intended for Azure/IT administrators or technical staff responsible for configuring identity and access management in their organization. The steps should be performed by someone with administrative access to both Azure Active Directory and WorkEasy Software.
Ensure you have an active Azure subscription.
Refer to the Microsoft tutorial to register the application in Azure Entra ID.
Sign in to https://portal.azure.com/.
Select Azure Active Directory on the left sidebar.
Go to App registrations and click New registration.
Enter a name for the registered application that reflects its purpose.
Under Supported account types > Who can use this application or access this API?, select the third option Accounts in any organizational directory (Any Microsoft Entra ID tenant - Multitenant) and personal Microsoft accounts.
Use the following Redirect URI: <IdentityServer BaseUrl>/federation/AzureAD.<CompanyCode>/signin
.png?sv=2022-11-02&spr=https&st=2025-08-23T18%3A54%3A00Z&se=2025-08-23T19%3A05%3A00Z&sr=c&sp=r&sig=%2Fxq6aMKW4kHT9S02dHRTOkouwY6DirRt45VEjlnVEi4%3D)
Note:
Although multiple Redirect URIs can be added, only the first one is used.
Changes may take 3–5 minutes to take effect.
Go to Manage > Authentication > Implicit grant and hybrid flows, and select ID tokens.
.png?sv=2022-11-02&spr=https&st=2025-08-23T18%3A54%3A00Z&se=2025-08-23T19%3A05%3A00Z&sr=c&sp=r&sig=%2Fxq6aMKW4kHT9S02dHRTOkouwY6DirRt45VEjlnVEi4%3D)
Create a client secret at Manage > Certificates & secrets > Client secrets, then click + New client secret.
.png?sv=2022-11-02&spr=https&st=2025-08-23T18%3A54%3A00Z&se=2025-08-23T19%3A05%3A00Z&sr=c&sp=r&sig=%2Fxq6aMKW4kHT9S02dHRTOkouwY6DirRt45VEjlnVEi4%3D)
Enter a Description and select an expiration date. Copy the newly created secret and store it securely for later use.
.png?sv=2022-11-02&spr=https&st=2025-08-23T18%3A54%3A00Z&se=2025-08-23T19%3A05%3A00Z&sr=c&sp=r&sig=%2Fxq6aMKW4kHT9S02dHRTOkouwY6DirRt45VEjlnVEi4%3D)
Ensure that each user's email address matches their Azure identity. Go to Home > Overview > Properties.
.png?sv=2022-11-02&spr=https&st=2025-08-23T18%3A54%3A00Z&se=2025-08-23T19%3A05%3A00Z&sr=c&sp=r&sig=%2Fxq6aMKW4kHT9S02dHRTOkouwY6DirRt45VEjlnVEi4%3D)
Go to Overview and copy the Application (client) ID and the Directory (tenant) ID.
.png?sv=2022-11-02&spr=https&st=2025-08-23T18%3A54%3A00Z&se=2025-08-23T19%3A05%3A00Z&sr=c&sp=r&sig=%2Fxq6aMKW4kHT9S02dHRTOkouwY6DirRt45VEjlnVEi4%3D)
Send the following information to WorkEasy Software to register the application:
CompanyCode: company code in WorkEasy Software
AD_TenantId: Directory (tenant) ID
AD_ClientId: Application (client) ID
AD_ClientSecret: IdentityServer secret value from the step above
After WorkEasy Software has registered the application for SSO, perform a login test using the URL https://accounts.workeasysoftware.com/Account/login?urltoken=<CompanyCode>