Microsoft Entra ID

Enables secure Single Sign-On (SSO) between your organization and Dawnguard.

Create App Registration

  1. Go to https://portal.azure.com.
  2. In the search bar, type App registrations and select it under Services.
  3. Click + New registration.
  4. In the Name field, enter Dawnguard.
  5. Under Supported account types, select: Accounts in this organizational directory only.
  6. In the Redirect URI section, select Single-page application (SPA) under Select a platform.
  7. Copy and paste the following value:

     Input          Value
     Redirect URI   https://dawnguard.app/

  8. Click Register to complete the registration.

Add App Roles

  1. In the Dawnguard app registration, go to the Manifest tab under Manage.
  2. In the Microsoft Graph App Manifest (New) code editor, search for the property appRoles.
  3. Replace the line "appRoles": [] with the following code:
  
    "appRoles": [
      {
        "allowedMemberTypes": ["User"],
        "description": "Standard user access to Dawnguard",
        "displayName": "dawnguard-user",
        "id": "GUID-1",
        "isEnabled": true,
        "value": "dawnguard-user"
      },
      {
        "allowedMemberTypes": ["User"],
        "description": "Admin access to Dawnguard",
        "displayName": "dawnguard-admin",
        "id": "GUID-2",
        "isEnabled": true,
        "value": "dawnguard-admin"
      }
    ],
  
  
  4. In that code, locate the lines "id": "GUID-1" and "id": "GUID-2".
  5. Replace GUID-1 and GUID-2 with unique GUIDs, generated at guidgenerator.com.
  6. Click Save above the code editor to apply your changes.
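
The GUID replacement in the steps above can also be produced and checked locally. The following Python script is an added example, not part of Dawnguard's own documentation: it emits the appRoles block from this page with freshly generated GUIDs and reports leftover placeholders or reused ids in an appRoles list. The function names build_app_roles and check_app_roles are hypothetical.

```python
import json
import re
import uuid

# Canonical 8-4-4-4-12 hex GUID, the form uuid.uuid4() produces.
GUID_RE = re.compile(r"^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$", re.I)

# Role values and descriptions copied from the manifest snippet on this page.
ROLES = [
    ("dawnguard-user", "Standard user access to Dawnguard"),
    ("dawnguard-admin", "Admin access to Dawnguard"),
]


def build_app_roles():
    """Return the appRoles list with a fresh random GUID per role."""
    return [
        {
            "allowedMemberTypes": ["User"],
            "description": description,
            "displayName": value,
            "id": str(uuid.uuid4()),
            "isEnabled": True,
            "value": value,
        }
        for value, description in ROLES
    ]


def check_app_roles(roles):
    """Return a list of problems found in an appRoles list (empty if none)."""
    problems = []
    seen_ids, seen_values = set(), set()
    for role in roles:
        name = role.get("displayName", "<unnamed>")
        role_id = str(role.get("id", ""))
        value = role.get("value", "")
        if not GUID_RE.match(role_id):  # catches a leftover GUID-1 / GUID-2
            problems.append(f"{name}: id {role_id!r} is not a GUID")
        elif role_id.lower() in seen_ids:  # GUIDs compare case-insensitively
            problems.append(f"{name}: id {role_id} is used by another role")
        seen_ids.add(role_id.lower())
        if value in seen_values:
            problems.append(f"{name}: value {value!r} is duplicated")
        seen_values.add(value)
    return problems


if __name__ == "__main__":
    print('"appRoles": ' + json.dumps(build_app_roles(), indent=2) + ",")
```

Run as a script, it prints a block that can replace the "appRoles": [] line directly.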

Assign User and Group Roles

  1. In the search bar, type Enterprise applications and select it under Services.
  2. Under All applications, click the newly created Dawnguard app registration.
  3. Under Getting Started, click 1. Assign users and groups.
  4. Click + Add user/group.
  5. Under Users and groups, click None selected.
  6. Filter and select all users and/or groups you want to grant access to Dawnguard.
  7. Click Select.
  8. Under Select a role, click None selected.
  9. Select either: dawnguard-admin (full access) or dawnguard-user (limited access).
  10. Click Select again.
  11. To finish, click Assign.
  12. Repeat for any additional roles as needed.

Share OIDC Details

  1. In the search bar, type App registrations and select it under Services.
  2. Under All applications, click the newly created Dawnguard app registration.
  3. In the Essentials section, locate and copy the Directory (tenant) ID and Application (client) ID.
  4. Open the email from Dawnguard with the subject Dawnguard SSO Configuration Details.
  5. In the form included in that email, paste the following values:

     Input                 Value
     Company domain name   E.g. dawnguard.ai
     OIDC Authority        Directory (tenant) ID
     OIDC Client ID        Application (client) ID

  6. In the form, under Customer Cloud, select your cloud provider (AWS, Azure, or GCP).
  7. Click Submit.
  8. Dawnguard will create your organization environment.
  9. You will be contacted by email to schedule a kickoff call once SSO has been configured.