A new client application in your MS Entra is required.
Go to Application Creation to create a new application.
Choose a relevant name such as 'ABAX SSO'.
Choose 'Single Tenant' as the 'Supported account types' option.
Redirect URI - Web - https://auth.abax.cloud/ui/login/login/externalidp/callback
Click 'Register'.
A client secret is required for us to access the application.
Click 'Certificates & secrets'
Click 'New client secret', enter a description, expiry date and add the secret
Save the value of the secret after it is created. You will not be able to see this value again. If you lose the secret before you configure SSO in ABAX, you will have to create a new one.
Some information needs to be included in the authentication token when it's sent to ABAX.
Click 'Token configuration'
Click 'Add optional claim'
Select id token as the token type and select email as claim.
ABAX needs some API permissions for the application, to authenticate and read user details.
Click 'API Permissions'
Add email, profile, User.Read and openid from Microsoft Graph permissions.
In the SSO configuration wizard, select Microsoft Entra ID (OIDC authentication)
Enter the Application Client ID and Client Secret
Click 'Finish'
Your configuration details will be shown after ABAX has configured your installation. Verify that the configuration works correctly by logging out and logging in again via SSO
