Adding an Azure AD Enterprise Application in TelluCare
This guide describes how to add an Azure AD enterprise application in TelluCare for the combination of Azure SSO and Provisioning.
1. Creating an Enterprise Application in Azure
Navigate to Enterprise Applications: Go to the Azure portal, navigate to "Enterprise applications," and click on "New application."
Create Your Own Application: Click on "Create your own application" and input a suitable name for this application. The name can be changed later.
Add User.Read Permission: To enable user login via Azure SSO, you need to add the User.Read permission:
Go to "Application registration," "API Properties," and "Add a permission."
Add a Secret:
To enable TelluCare SSO, you need to add a client secret:
Click on "Certificates & secrets" and "New client secret."
Input a suitable name for the secret and select an expiration time.
Store the "Value," as it will be entered in TelluCare and is not accessible later.
When the secret expires, create a new one and enter its "Value" in TelluCare.
Fetch Application and Directory ID: Click on "Overview" to obtain the Application and Directory ID.
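The guide notes that the client secret expires and must then be replaced in TelluCare. The following is an added example (not part of the guide or of TelluCare) that flags secrets which have expired or are about to, so the rotation is planned before SSO breaks. It assumes the JSON shape printed by `az ad app credential list --id <APPLICATION_ID>` (a list of objects with "displayName", "keyId" and "endDateTime"); the credential list and the reference time below are constructed, not real tenant data.

```python
"""Flag Azure AD application client secrets that are expired or about to expire.

Added example, not part of the TelluCare guide. Input is assumed to be the
JSON printed by `az ad app credential list --id <APPLICATION_ID>`.
"""
import json
from datetime import datetime, timedelta, timezone

# Constructed sample output with placeholder keyIds (not real values).
SAMPLE_CREDENTIALS_JSON = """[
  {"displayName": "tellucare-sso",
   "keyId": "00000000-0000-0000-0000-000000000001",
   "endDateTime": "2024-01-15T00:00:00+00:00"},
  {"displayName": "tellucare-sso-rotated",
   "keyId": "00000000-0000-0000-0000-000000000002",
   "endDateTime": "2024-03-01T00:00:00Z"},
  {"displayName": "other-integration",
   "keyId": "00000000-0000-0000-0000-000000000003",
   "endDateTime": "2025-06-30T00:00:00+00:00"}
]"""

# Fixed reference time so the sample is reproducible (constructed).
SAMPLE_NOW = datetime(2024, 2, 10, tzinfo=timezone.utc)


def parse_end(value):
    """Parse the ISO 8601 endDateTime; accept a trailing 'Z' or an explicit offset."""
    if value.endswith("Z"):
        value = value[:-1] + "+00:00"
    end = datetime.fromisoformat(value)
    if end.tzinfo is None:
        end = end.replace(tzinfo=timezone.utc)
    return end


def classify_secrets(credentials_json, now, warn_days=30):
    """Return (expired, expiring_soon); each entry is (displayName, keyId, endDateTime)."""
    expired, expiring = [], []
    threshold = now + timedelta(days=warn_days)
    for cred in json.loads(credentials_json):
        end = parse_end(cred["endDateTime"])
        entry = (cred.get("displayName"), cred["keyId"], end.isoformat())
        if end <= now:
            expired.append(entry)
        elif end <= threshold:
            expiring.append(entry)
    return expired, expiring


if __name__ == "__main__":
    expired, expiring = classify_secrets(SAMPLE_CREDENTIALS_JSON, SAMPLE_NOW)
    for name, key_id, end in expired:
        print(f"EXPIRED:  {name} ({key_id}) ended {end}")
    for name, key_id, end in expiring:
        print(f"EXPIRING: {name} ({key_id}) ends {end}")
```

Run it against the real CLI output by replacing `SAMPLE_CREDENTIALS_JSON` with the captured JSON and `SAMPLE_NOW` with `datetime.now(timezone.utc)`; the `keyId` in the output identifies which secret to delete in "Certificates & secrets" once its replacement is entered in TelluCare.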
2. Configuring TelluCare for SSO
Enter Application Details: The secret, along with the Application and Directory ID, should be entered in TelluCare to enable SSO:
Click "Account Settings" in the left menu (you need to be an Administrator or Tellu Support at the top level).
Click the arrow to edit the Azure account.
Add Redirect URL in Azure:
Click "Authentication," "Add a platform," and then "Web."
Add the Redirect URL generated in TelluCare.
Admin Consent: Admin consent is needed. Navigate back to the Enterprise application, click on "Permissions" under the Security pane, and "Grant admin consent for …."
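The Application and Directory IDs entered in TelluCare are what an SSO relying party checks the ID token against: the issuer and `tid` claims must belong to your directory and the audience must be your application, otherwise a token minted for another tenant or another app would be accepted. The following is an added example (not TelluCare's code) of those claim checks for a v2.0 token. It assumes the token's signature has already been verified against the tenant's published signing keys, and every ID and claim set below is constructed.

```python
"""Check Azure AD ID token claims against the Directory ID and Application ID.

Added example, not TelluCare's code. Assumes signature verification has
already been done; only the claim checks are shown here.
"""
from datetime import datetime, timezone

# Constructed placeholders, not real tenant or application IDs.
DIRECTORY_ID = "11111111-1111-1111-1111-111111111111"
APPLICATION_ID = "22222222-2222-2222-2222-222222222222"
OTHER_DIRECTORY_ID = "33333333-3333-3333-3333-333333333333"


def validate_id_token_claims(claims, tenant_id, client_id, now):
    """Return a list of problems; an empty list means the claims are acceptable."""
    problems = []
    # Issuer of the v2.0 endpoint for a single-tenant application.
    expected_iss = f"https://login.microsoftonline.com/{tenant_id}/v2.0"
    if claims.get("iss") != expected_iss:
        problems.append("issuer mismatch (token from another tenant or endpoint)")
    if claims.get("tid") != tenant_id:
        problems.append("tid does not match the Directory ID")
    aud = claims.get("aud")
    aud_list = aud if isinstance(aud, list) else [aud]
    if client_id not in aud_list:
        problems.append("audience does not match the Application ID")
    ts = int(now.timestamp())
    if "exp" not in claims or ts >= int(claims["exp"]):
        problems.append("token expired or missing exp")
    if "nbf" in claims and ts < int(claims["nbf"]):
        problems.append("token not yet valid")
    return problems


# Constructed reference time and claim sets.
SAMPLE_NOW = datetime(2024, 2, 10, 12, 0, tzinfo=timezone.utc)
SAMPLE_TS = int(SAMPLE_NOW.timestamp())

GOOD_CLAIMS = {
    "iss": f"https://login.microsoftonline.com/{DIRECTORY_ID}/v2.0",
    "tid": DIRECTORY_ID,
    "aud": APPLICATION_ID,
    "exp": SAMPLE_TS + 3600,
    "nbf": SAMPLE_TS - 60,
    "preferred_username": "user@example.com",
}

# Same shape, but issued by a different directory: must be rejected.
OTHER_TENANT_CLAIMS = dict(
    GOOD_CLAIMS,
    iss=f"https://login.microsoftonline.com/{OTHER_DIRECTORY_ID}/v2.0",
    tid=OTHER_DIRECTORY_ID,
)

# Correct tenant, but an hour past expiry.
EXPIRED_CLAIMS = dict(GOOD_CLAIMS, exp=SAMPLE_TS - 3600)

if __name__ == "__main__":
    for label, claims in [("good", GOOD_CLAIMS), ("other tenant", OTHER_TENANT_CLAIMS),
                          ("expired", EXPIRED_CLAIMS)]:
        print(label, validate_id_token_claims(claims, DIRECTORY_ID, APPLICATION_ID, SAMPLE_NOW))
```

The tenant check is the reason the guide has you copy the Directory ID and not just the Application ID: an application ID is only unique together with its directory.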
3. Activating Provisioning for User Synchronization
Activate Provisioning in TelluCare:
Open "Account settings," click "Activate provisioning," and store the secret token that is generated.
Activate Provisioning in Azure:
Click on "Provisioning" and "Get started."
Select "Automatic" as the provisioning mode.
Enter the Tenant URL and Secret Token from the previous step.
Enable Groups and Users: Both groups and users should be enabled with "Attribute mapping" set appropriately.
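The secret token generated in TelluCare is what authenticates Azure's provisioning calls: Azure presents it as an HTTP bearer token on each SCIM request, and the endpoint must reject every request that does not carry it before touching user or group data. The following is an added example (not TelluCare's code) of that check; the token value and the request headers are constructed.

```python
"""Authenticate Azure AD provisioning (SCIM) requests with the secret token.

Added example, not TelluCare's code. The token is presented by Azure as
`Authorization: Bearer <secret token>`.
"""
import hmac

# Constructed placeholder; the real value is the token TelluCare generated.
EXPECTED_TOKEN = "example-provisioning-token-not-real"


def authorize_provisioning_request(headers, expected_token=EXPECTED_TOKEN):
    """Return (http_status, reason); 200 only for a valid bearer token."""
    # Header names are case-insensitive in HTTP.
    auth = next((v for k, v in headers.items() if k.lower() == "authorization"), None)
    if auth is None:
        return 401, "missing Authorization header"
    scheme, _, presented = auth.partition(" ")
    presented = presented.strip()
    if scheme.lower() != "bearer" or not presented:
        return 401, "expected 'Bearer <token>'"
    # Constant-time comparison so response timing does not leak the token.
    if not hmac.compare_digest(presented.encode(), expected_token.encode()):
        return 401, "invalid token"
    return 200, "ok"


# Constructed requests: one valid, three that must be refused.
SAMPLE_REQUESTS = {
    "valid": {"Authorization": f"Bearer {EXPECTED_TOKEN}", "Content-Type": "application/scim+json"},
    "no header": {"Content-Type": "application/scim+json"},
    "wrong scheme": {"authorization": "Basic dXNlcjpwYXNz"},
    "wrong token": {"Authorization": "Bearer not-the-token"},
}

if __name__ == "__main__":
    for label, headers in SAMPLE_REQUESTS.items():
        status, reason = authorize_provisioning_request(headers)
        print(f"{label:12s} -> {status} {reason}")
```

A 401 response should also carry `WWW-Authenticate: Bearer` and log the source address, so a failed provisioning cycle in Azure can be correlated with the rejections on the TelluCare side.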
Provisioning Based on Groups:
After the first provisioning cycle, you can see provisioned groups and the number of users for each group in TelluCare.
Assign TelluCare roles to the provisioned group to ensure all users within that group receive a certain role, or configure roles for users individually. New users will receive the configured role in future provisioning cycles if applicable.
By following these steps, you can enable Azure SSO login and manage user synchronization in TelluCare using Azure AD.