Configure Identity Provider for SimplyAP

Tiffany Allen Tiffany Allen | Published on April 22, 2024

Before Getting Started

  • Make sure you are logged into the Azure Directory where your Active Directory users reside
  • One of the steps is to Grant access to the Application in Active Directory. The Application owner or Global administrator role is required. Make sure you have access, or someone is on-hand who has this access.

Navigate to Integration Settings in the Administration section of SimplyAP

After signing up for SimplyAP, log in and navigate to Integration Settings

The Identity Provider section on the right will be where we enter the Azure AD settings

Create an App in Azure Active Directory

Video Instructions

Step by Step Instructions

In a separate browser window, log in to the Microsoft Azure Portal and complete the steps below

  • On MS Azure Home, go to Manage Azure Active Directory > View
  • On the Left menu, select App Registrations
  • On the Top Bar, select New Registration
  • Insert the name of the application, for example: SimplyAP-SSO
  • Press Register.
  • Copy the Client ID and Active Directory TenantID from the Azure Application Overview page, as illustrated below, and Paste into the into the fields in the SimplyAP Identity Provider fields

Add a Secret to the Application

  • Under Certificates & secrets, click New client secret to generate the client secret:
  • Copy the value to the clipboard and paste into the SimplyAP Identity Provider Client Secret field.

Complete Azure AD Configuration

In the App Registration Overview, click Add a Redirect URI

Select Add Platform

Select Web

Click Configure

Add Microsoft Graph Permissions

  • In Azure AD for the App Registration, click API Permissions
  • Click Add a permission and select Microsoft Graph
  • Add the following Application and Delegated permissions (please make sure the Permissions have the ‘Type’ of Application or Delegated as pictured below)
  • Click Grant Admin Consent for your domain if required

Adding Users to the Enterprise Application and Obtaining Object ID

  • In Azure AD for the App Registration, navigate to Enterprise Applications
  • Select the application from the list of applications, and copy the Object ID value then paste it into the SimplyAP Object ID field.
    • IMPORTANT: the Object ID from the ‘Enterprise Application’ as pictured below is what needs to be used. There is a different Object ID as part of the App Registration that will not work for this purpose.
  • Then click on Assign Users and Groups
  • Add the AD users that are to be users of SimplyAP. Users can be added directly to the application. Groups can also be added to the application, and the users that are in those groups will become SimplyAP users. Please note that a corresponding Group object will not be created in SimplyAP, just the users within the group.
  •  Note that each user must have a value for Email Address in Active Directory to be used with SimplyAP  

Verify Connection Status in SimplyAP

  • Once the values have been filled in, the Identity Provider page should look similar to the one below
  • Click on the blue Save button at the bottom of the page
  • If the connection is successful, the Status indicator at the top-right of the page will turn green and show Connected, and the users that were added to the Enterprise application in the earlier step can be imported to SimplyAP in the Users section of the administrative area.
Tiffany Allen

Tiffany Allen

As a Channel Program Director at Paymerang, Tiffany is focused on the management and execution of partner programs. With more than 15 years in the Microsoft Dynamics scope, Tiffany channels her extensive marketing experience to generate new partnerships for Paymerang.