Set up SSO with Microsoft Entra ID (Azure)
Prepr offers two ways to log in: by submitting an email address with a password, and via Single Sign-On. Single sign-on (or SSO) is a way to authenticate and log in to an application with just one set of credentials, rather than having to set up multiple usernames and passwords across different platforms. It's a more secure process and prevents potentially losing or forgetting log-in credentials since it's stored through another service.
You can integrate with Microsoft Entra ID (Azure) if you want to let users sign-in from within your company SSO directory controlled by you or your organization.
An additional agreement for Prepr is required to enable the Microsoft Entra ID app.
Microsoft Entra ID Set-up
To sign in with Single Sign-On via Microsoft Entra ID, there are a few steps to set up the integration.
Register your app with Microsoft Entra ID
To create an Microsoft Entra ID app, follow the steps below:
1. Sign in to the Microsoft Entra admin center
2. Go to Settings > Directories > subscriptions to switch to the tenant in which you want to register the application.
3. Go to Identity > Applications > App registrations and select New registration.
4. Enter Prepr SSO as the Name for the new app.
5. Select Accounts in this organizational directory only
6. For the Redirect URI, select Web from the list and enter https://sso.prepr.io/azure/callback
7. Click the Register button.
8. If the app is registered successfully, the app's overview page will be displayed.
9. Click Certificates & secrets in the side menu on the left.
10. Click New client secret, enter Prepr SSO as the name, and select Expire in 24 months.
11. Click the Add button and copy the Secret Value.
Note
The Secret Value is only visible once, so copy this to a safe place for now.
12. Go back to the Overview link in the side menu on the left.
13. Copy the Application (client) ID, and the Directory (tenant) ID.
14. Click the Authentication link in the side menu on the left.
15. Enter https://sso.prepr.io/azure/{application_client_id}/sign-out and replace {application_client_id} with the Application (client) ID retrieved earlier, and click Save.
Provide App credentials
After you registered Prepr in Microsoft Entra ID, please provide Prepr Support with the following details:
- App ID
- Secret value
- Tenant ID
Note
Sign in with Microsoft Entra ID
Once your Prepr account has an Microsoft Entra ID integration, you can use the Single Sign-On button (SSO) on your sign-in screen. When you log in for the first time, you'll receive the default role, set up by your Prepr admin. If you already have an account with that email address, this account will be merged and it will be recognized that you are an Microsoft Entra ID user.
The next time you want to log in, click the Log in with SSO button. You will be recognized as an Microsoft Entra ID user. If you're already logged in, then you will end up in Prepr automatically.
Once you are an SSO user, it is not further possible to log in with the email / password combination.
Each user who has signed in via SSO, can be recognized in the user list with an SSO label. You can also filter all users with this SSO label by selecting Has value in the SSO drop down in the user list filters.
