Microsoft Entra ID (formerly known as Azure Active Directory) is a popular identity provider that can be used to setup Single Sign-On for your organization in Tempest.

Step-by-step

Below you will find detailed instructions on how to configure Microsoft Entra ID for Tempest.
These instructions assume you already have a Directory in your Microsoft Entra ID account.
1

Go to the Microsoft Entra ID portal and follow Identity > Applications > Enterprise applications.Hero Light
2

Click +New application.Hero Light
3

Click +Create your own application.Hero Light
4

Type in a relevant name, select Non-gallery application, and click Create.Hero Light
5

Follow Identity > Applications > App registrations, and click All applications.Hero Light
6

Click on the application you created.Hero Light
7

Click Add a Redirect URI.Hero Light
8

In Platform configurations click Add a platform.Hero Light
9

Select Web.Hero Light
10

Add the Redirect URL from Tempest and click Configure.Hero Light
11

Click Certificates & secrets and click +New client secret.Hero Light
12

Type in a relevant name, select desired expiration time, and click Add.Hero Light
13

Copy secret Value and paste it into Tempest.Hero Light
14

Copy the Client ID and Tenant ID and paste it into Tempest.Hero Light
15

Additional permissions are needed to support Directory Sync functionality.
Go to API Permissions and grant access to Directory.Read.All and User.Read.All for your application.Hero Light