To enable Azure AD Authentication integration for your organization, Benemen Authenticator application must be registered to customer Active Directory in Azure management portal.
If Multi-Factor Authentication (MFA) is enabled on Azure AD, Benemen Datacenter IP Addresses (80.88.186.0/23) must be whitelisted. More information: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-mfasettings#trusted-ips
Registering the Authenticator Application
1. Log in to https://portal.azure.com
2. Select Azure Active Directory -> App registrations
3. Select New application registration
4. Enter details and click Register
Name for application, for example 'Benemen Authenticator'
Accounts in this organization only
Redirect URI is not needed
5. Go to Authentication tab and configure following
Select Implicit grant: ID tokens
Treat application as a public client: Yes
Click Save
6. Go to Permissions tab
Make sure that app have User.Read permission
Click Grant admin consent and Yes to confirmation
7. Make sure that there is a green mark for Admin consent
8. Go to Overview tab
Send Application ID value to Benemen