Purpose
To provide instructions for the technical administrator to configure the integration to Klir’s system using the Microsoft Entra of the organization (former Azure Active Directory), so the users can connect to the Klir system.
Requirements
Having the Azure Active Directory configured for the organization.
Step 1: Create a new App Registration
To connect the organization Azure AD to the Klir system we need to create a new App Registration.
This can be done by going to the Azure Active Directory page, choosing the submenu App registration, then clicking on the button “+ New registration”, like is being shown on the following screen:
Step 2: App Registration Configuration
On the creation page, we need to fill out a few of the details:
- The first one will be the name, which can be anything that you find useful to identify the App registration. No restrictions here.
- On Supported account types, choose “Accounts in this organizational directory only” if the users you want to give access to are only in the current Azure tenant. If you have multiple Azure AD directories and want to connect them too, choose “Accounts in any organizational directory”.
- On Redirect URI, fill the information with the following URI: https://xxxx.klir.com/account/login changing the “xxxx” to the actual subdomain that you have mapped at Klir.
- Finally, just hit Register to finalize this step.
Step 3: Additional Configuration
After creating the App registration, you will be redirected to its page. Then you just need to change one more setting to complete the configuration.
Go to the “Authentication” sub-menu, then find the section “Implicit grant and hybrid flows”. Then check the box next to “ID tokens” and hit Save.
Step 4: Redirect URI Configuration for Mobile App
If you are using Azure AD SSO in the Klir Mobile App you need to configure the Redirect URIs for Android and iOS. On the Authentication page configure the following details:
Android
Package name: com.klir.klir
Signature hash: VzSiQcXRmi2kyjzcA+mYLEtbGVs=
Redirect URI: populated automatically
iOS/macOS
Package name: com.example.klir
Redirect URI: populated automatically
Hit Save when details are completed.
Final Step: Get App Registration Information
Now that the App registration was successfully created and configured you just need to get a few details from it and pass it to Klir to complete the process.
The first information is the “Application (client) ID”. That can be taken by going to the App registration. It will appear on the list in the Overview sub-menu like its being shown below:
The second and last information needed is the “OAuth 2.0 authorization endpoint (v2)”. At the Overview sub-menu click on “Endpoints” to find the information being listed:
That is all. Send back these two settings to Klir to complete the integration.