Skip to main content

Configure external Microsoft login

Integrating Microsoft Entra ID allows users to sign in to your application using their Microsoft accounts. Follow these steps to create an application in Azure, configure the necessary permissions, and obtain your Client ID and Client Secret.

1. Register a New Application in Azure Portal

  • Go to the Azure Portal and sign in with your Microsoft account.
  • Navigate to Azure Active Directory > App registrations > New registration.
  • Enter a name for your application, e.g., "Your Organisation".
  • Choose who can use the application. For most cases, select Accounts in this organizational directory only (Single tenant).
  • Enter the Redirect URI (Web) where Azure AD will return OAuth responses. The redirect should corresponde to the base WeSolve application url, i.e. https://yourdomain.com.
  • Click Register.

2. Configure Permissions

  • Once your application is registered, go to your application's overview page.
  • Navigate to API permissions > Add a permission > Microsoft Graph > Delegated permissions.
  • Search and add the following permissions:
    • User.Read: Allows the app to read the profile of signed-in users.
    • email: Allows access to the user's primary email address.
    • openid: Allows sign-in and read user profile.
    • profile: Allows access to the user's first name, last name, and picture.
  • After adding these permissions, click Add permissions at the bottom.

3. Grant Admin Consent

  • Still in the API permissions section, click Grant admin consent for {Your Organization}.
  • Confirm by clicking Yes. This step requires admin privileges in your Azure AD organization.

4. Obtain Client ID and Client Secret

Client ID
  • Your application's Client ID (also known as Application ID) can be found on the application's overview page in Azure Portal.
Client Secret
  • Navigate to Certificates & secrets > New client secret.
  • Add a description for your secret and choose an expiry period.
  • Click Add, and make sure to copy the Client Secret value immediately, as it won't be displayed again.

5. Use the Client ID and Client Secret in WeSolve

  • In WeSolve Settings > External Login Settings > Microsoft, make sure Enable is checked and enter the Client ID and Client Secret you obtained from the Azure portal.
  • These credentials will be used to authenticate with Microsoft Entra ID and to securely request access tokens.
Back to top