TIS Training API Documentation
  • Welcome!
  • Quick Start
  • Managing Users
  • Single Sign On (SSO)
    • General Options
    • Role and Group Mappings
    • Connection Types
      • Microsoft Entra ID (Formerly Azure AD)
      • Google Workspace
      • OpenID Connect (OIDC)
      • SAML (Security Assertion Markup Language)
  • SCORM Packages
  • Webhooks
  • API Reference
    • Users
      • 🔵GET users
      • 🔵GET users/seats
      • 🟢POST users
      • 🟠PUT users
      • 🟢POST users/password
      • 🟡PATCH users/enable
      • 🟡PATCH users/disable
      • 🔴DELETE users
    • Results
      • 🔵GET results
      • 🔵GET results/group
    • Groups
      • 🔵GET groups
      • 🟢POST groups/users
      • 🔴DELETE groups/users
    • 🔵GET courses
    • 🔵GET filters
    • 🟢POST login
    • â›”Standard Error Format
  • Webhook Reference
    • Standard Structure
    • Course Complete
    • Multi-Course Complete
  • OpenAPI Specification
Powered by GitBook
On this page
  • Configuration Options
  • Role and Group Mappings
  1. Single Sign On (SSO)
  2. Connection Types

Microsoft Entra ID (Formerly Azure AD)

PreviousConnection TypesNextGoogle Workspace

Last updated 2 months ago

To add your Microsoft Entra ID tenant, you must have permissions within the tenant to grant organisational consent to the TIS Platform application. Click on "Add to my organisation". You will be redirected to the Microsoft login page to grant consent to the application.

Make sure you choose the Microsoft work or school account that is a part of the tenant you wish to connect. Read the requested permissions for the TIS Platform application, and click "Accept" if you are happy to proceed. If you do not accept, you will not be able to use Microsoft Entra ID as a login method for the TIS Platform.

Once you grant the TIS Platform permission for your organisation, you will be redirected back to the administration panel, and a popup will appear, prefilled with your tenant ID.

Configuration Options

Display Name - Required

The Display Name is for administrative purposes only and will not be visible to users, as all Microsoft Entra ID connections will only be shown on the TIS Platform login screen as a single "Sign in with Microsoft" button. This setting is for your administrators to differentiate between multiple Microsoft Entra ID tenants, as multiple connections can be added.

Tenant ID - Prefilled

This tenant ID is prefilled from the previous step and cannot be changed. If the tenant ID is incorrect, please restart the setup process and ensure you grant consent using an account that is part of the tenant you wish to setup a connection for.

Merge Users Where Email Matches an Existing Account

Email Attribute

This is the attribute that should be used to retrieve an email for the user. By default we use preferred_username, however this may also be passed as email or verified_primary_email depending on your Entra ID setup. If you are not sure, you can create the connection using the default setting, and then use "Test SSO Login" to review the information passed by Microsoft. You can then use the "Edit Provider" button to update this if necessary.

Role and Group Mappings

For more information on how role and group mappings work, please see Role and Group Mappings.

For Microsoft Entra ID, Security Groups are used for role and group mappings. To map your Security Groups, please retrieve the Object ID for the group to use in the "Group Object ID" field. This can be found on the Overview page for the Security Group.

We recommend leaving this disabled. For more details, please see .

Merge Users Where Email Matches an Existing Account