This the multi-page printable view of this section. Click here to print.

Return to the regular view of this page.

Microsoft Entra ID / Active Directory

Microsoft Entra ID (formerly Azure Active Directory) is a comprehensive identity and access management (IAM) solution providing:

  • Single sign-on (SSO): Access multiple applications with one set of credentials.
  • Multi-factor authentication (MFA): Add an extra layer of security.
  • Conditional access: Grant access based on specific conditions.
  • Directory synchronization: Easily manage user identities across systems.

Integration Setup

  1. Go to the Azure Portal
  2. Navigate to Microsoft Entra or Azure Active Directory.
  3. Click on App Registrations.
  4. Then click on New Registration.
  5. Fill the details like the example below.
  6. Click Register
  7. Once the app is registered, we need to go to Expose an API on the left side menu.
  8. Click on Add a scope.
  9. Fill the details like the example below. (Make sure to use Admins and users for the options “Who can consent?”.
  10.  Once you click in Add scope in the bottom, On the left side menu, click on API permissions.
  11. Click on Add a permission.
  12. Click on Microsoft Graph.
  13. Click on Delegated permissions and then select email and profile like the example below and click Add Permission.
  14. Click on Add a permission again, but this time switch to the second tab on top APIs my organization uses and find the Zing Data API previously created.
  15. Click again in Delegated permissions and select the Zing Access permission and then click Add permissions.
  16. On the left side menu, click on Token configuration and then click Add optional claim. You must choose Token Type: Access and then select email family_name and given_name claims, then click Add on the bottom.
  17. Click on Manifest on the left side menu and click on tab AAD Graph App Manifest, then change the variable accessTokenAcceptedVersion to 2 as in example below.
  18. Last step is to configure access to mobile applications. Click on Authentication on the left side menu and click on Add a platform (Single-page application with Redirect URIs should be already configured).
  19. Then fill it with the appropriate information for Android and iOS apps:
    iOS:
    Bundle ID: com.getzingdata.app
    Android:
    Package name: com.getzingdata.android
    Signature hash: cnsx6OCEI/rJQqehq6baXX93c6w=

With all the steps above completed, everything should be in place for your SSO configuration in Microsoft Azure.

As a last step, please click on Overview in the left side menu and copy the Application (client) ID and Directory (tenant) ID values and send these values to the Zing Data enterprise support team to complete the integration.