Microsoft Sign in usage: Difference between revisions

From VoIPmonitor.org
(Make 'Coming Soon' status more prominent to prevent RAG confusion)
(Review: přidány kategorie, Overview sekce s diagramem, vylepšena struktura, přidán krok pro poznamenání IDs, přidána AI Summary for RAG sekce)
Line 1: Line 1:
{{DISPLAYTITLE:How to Set Up Microsoft Sign-In}}
{{DISPLAYTITLE:How to Set Up Microsoft Sign-In}}
[[Category:Configuration]]
[[Category:Authentication]]


'''Microsoft Sign-In Status: COMING SOON (Not Yet Available in Stable GUI)'''
'''Microsoft Sign-In Status: COMING SOON (Not Yet Available in Stable GUI)'''
Line 11: Line 13:
'''Note: The configuration guide below applies to development builds and future stable releases. Do not attempt these steps unless you have a GUI version that supports Microsoft Sign-In.'''
'''Note: The configuration guide below applies to development builds and future stable releases. Do not attempt these steps unless you have a GUI version that supports Microsoft Sign-In.'''


== Part 1: How to Register an Application in Microsoft Entra ==
== Overview ==


This guide will walk you through the necessary steps to register a new application in your Microsoft Entra ID (formerly Azure Active Directory) and correctly configure it for integration with the VoIPmonitor GUI.
The Microsoft Sign-In integration allows VoIPmonitor GUI users to authenticate using their Microsoft Entra ID (formerly Azure Active Directory) accounts. This provides:
* Single Sign-On (SSO) capability
* Centralized user management through Microsoft Entra
* Enhanced security with Microsoft's authentication infrastructure
 
<kroki lang="mermaid">
flowchart LR
    subgraph Entra["Microsoft Entra"]
        A[Register App] --> B[Get Client ID]
        B --> C[Get Tenant ID]
        C --> D[Assign Users]
    end
    subgraph GUI["VoIPmonitor GUI"]
        E[Enable MS Sign-In] --> F[Configure IDs]
        F --> G[Map Users]
    end
    D --> E
</kroki>
 
== Part 1: Register Application in Microsoft Entra ==
 
This guide walks you through registering a new application in Microsoft Entra ID and configuring it for VoIPmonitor GUI integration.
 
=== 1. Sign in to Microsoft Entra admin center ===


=== 1. Sign in to the Microsoft Entra admin center ===
Open a web browser and navigate to [https://entra.microsoft.com https://entra.microsoft.com].
Open a web browser and navigate to [https://entra.microsoft.com https://entra.microsoft.com].


Line 21: Line 45:


=== 2. Navigate to App registrations ===
=== 2. Navigate to App registrations ===
In the left-hand menu, go to '''App registrations'''.
In the left-hand menu, go to '''App registrations'''.


=== 3. New registration ===
=== 3. Create new registration ===
 
At the top of the page, click the '''+ New registration''' button.
At the top of the page, click the '''+ New registration''' button.


=== 4. Basic Application Information ===
=== 4. Configure Application Settings ===
;Name:
 
:Enter a meaningful name for your application (e.g., "VoIPmonitor SSO").
; Name
: Enter a meaningful name for your application (e.g., "VoIPmonitor SSO").
 
; Supported account types
: Choose who can use the application. For internal use, select ''Accounts in this organizational directory only''.


;Supported account types:
; Redirect URI - Platform
:Choose who can use the application. For internal use, the most common option is ''Accounts in this organizational directory only''.
: Choose '''Single page application'''.


In the '''Redirect URI''' section, you need to select the platform type and URI.
; Redirect URI - URL
: Enter the URL where your VoIPmonitor GUI is installed.


;Platform selection:
'''IMPORTANT Redirect URI rules:'''
:Choose '''Single page application'''.
* Do '''not''' include ''admin.php'' or ''index.php'' at the end
* Do '''not''' include a trailing slash (/) at the end


;Redirect URIs:
<syntaxhighlight lang="text">
:Enter the URL where your VoIPmonitor GUI is installed.
# Correct format:
https://voipmonitor.yourdomain.com


'''IMPORTANT:'''
# Incorrect formats:
* Do not include ''admin.php'' or ''index.php'' at the end.
https://voipmonitor.yourdomain.com/
* Do not include a trailing slash (/) at the end.
https://voipmonitor.yourdomain.com/admin.php
https://voipmonitor.yourdomain.com/index.php
</syntaxhighlight>


Correct format example:
Click the '''Register''' button to complete registration.
https://voipmonitor.yourdomain.com


Click the '''Register''' button at the top of the page.
=== 5. Note the Application IDs ===


== Part 2: How to Assign Users to the Application ==
After registration, you will be taken to the application's Overview page. Note the following values (you will need them for GUI configuration):
* '''Application (client) ID''' - Used as "Microsoft client ID" in VoIPmonitor
* '''Directory (tenant) ID''' - Used as "Microsoft tenant ID" in VoIPmonitor
 
== Part 2: Assign Users to the Application ==


After registering the application, you must assign the users who will be allowed to sign in.
After registering the application, you must assign the users who will be allowed to sign in.


=== 1. Navigate to Users ===
=== 1. Navigate to Users ===
In the left-hand menu, go to '''Users'''.


=== 2. Assign Users ===
In the Microsoft Entra left-hand menu, go to '''Users'''.
Click the '''+ Add user'''.


The wizard will guide you through adding a user.
=== 2. Add Users ===
 
Click '''+ Add user''' and follow the wizard to add users who should have access to VoIPmonitor through Microsoft Sign-In.


== Part 3: VoIPmonitor GUI Configuration ==
== Part 3: VoIPmonitor GUI Configuration ==
Line 67: Line 105:


=== 1. Enable Microsoft Sign-In ===
=== 1. Enable Microsoft Sign-In ===
Navigate to '''Settings > System configuration'''.


Scroll down to the '''Advanced''' section.
# Navigate to '''Settings > System configuration'''
# Scroll down to the '''Advanced''' section
# Enable the option '''Enable Microsoft Sign in'''
# Fill in the configuration fields:
#* '''Microsoft client ID''': Enter the ''Application (client) ID'' from Microsoft Entra
#* '''Microsoft tenant ID''': Enter the ''Directory (tenant) ID'' from Microsoft Entra
#* '''Redirect URI for Microsoft Sign in''': Leave empty (auto-detected). Only fill if automatic detection fails.
 
=== 2. Configure User Mappings ===
 
Navigate to '''Users & Audit > Users'''.
 
For each user who should use Microsoft Sign-In:
 
# Edit their user profile
# Go to the '''secure users''' tab
# Fill in the '''Microsoft Sign In emails''' field with their Microsoft account email
 
=== 3. Configure Default User (Optional) ===


Enable the option '''Enable Microsoft Sign in'''.
If you want to define a default user for Microsoft Sign-In (for users who are not explicitly mapped):


Fill in the '''Microsoft client ID''' and '''Microsoft tenant ID''' fields. Use the ''Application (client) ID'' and ''Directory (tenant) ID'' values from the Overview page of your app registration in Microsoft Entra.
# Edit the desired default user's profile
# Go to the '''basic data''' tab
# Check the '''Default Microsoft Sign In account''' option


Leave the '''Redirect URI for Microsoft Sign in''' field empty. The system will automatically detect it during the sign-in process. This field is available as a fallback in case automatic detection fails.
== AI Summary for RAG ==


=== 2. Configure Users ===
'''Summary:''' This guide documents the Microsoft Sign-In (SSO) integration for VoIPmonitor GUI, which is currently in development and not yet available in stable releases. The setup requires three main steps: (1) Register an application in Microsoft Entra (formerly Azure AD) by creating a new app registration with Single Page Application platform type, noting the Client ID and Tenant ID, and ensuring the Redirect URI matches the VoIPmonitor GUI URL exactly without trailing slashes or page names. (2) Assign users in Microsoft Entra who should have access. (3) Configure VoIPmonitor GUI by enabling Microsoft Sign-In in Settings > System configuration > Advanced, entering the Client ID and Tenant ID, and mapping VoIPmonitor users to their Microsoft email addresses in the secure users tab. A default Microsoft Sign-In account can be configured for unmapped users.
Navigate to '''Users & Audit > Users'''.


For each user who should use Microsoft Sign-In, edit their profile and go to the '''secure users''' tab. Fill in the '''Microsoft Sign In emails''' field with their corresponding Microsoft account email.
'''Keywords:''' Microsoft Sign-In, SSO, Single Sign-On, Microsoft Entra, Azure AD, Azure Active Directory, authentication, OIDC, OAuth, GUI login, enterprise authentication, Microsoft integration, tenant ID, client ID, redirect URI, user mapping


If you want to define a default user for Microsoft Sign-In (for users who are not explicitly mapped), edit that user's profile, go to the '''basic data''' tab, and check the '''Default Microsoft Sign In account''' option.
'''Key Questions:'''
* How do I enable Microsoft Sign-In in VoIPmonitor?
* How do I configure SSO with Microsoft Entra for VoIPmonitor?
* What is the correct Redirect URI format for Microsoft Sign-In?
* Where do I find the Microsoft client ID and tenant ID?
* How do I map VoIPmonitor users to Microsoft accounts?
* Is Microsoft Sign-In available in the stable GUI version?
* How do I set up a default user for Microsoft Sign-In?
* Why can't I see the Microsoft Sign-In option in my GUI?

Revision as of 11:23, 6 January 2026


Microsoft Sign-In Status: COMING SOON (Not Yet Available in Stable GUI)

IMPORTANT: Microsoft Sign-In integration is scheduled for inclusion in an upcoming stable GUI release. This feature is NOT currently available in the stable VoIPmonitor GUI.

If you do not see the "Enable Microsoft Sign in" option in your GUI under Settings > System configuration > Advanced, your current version does not support this feature.

If you need Microsoft Sign-In immediately, please contact VoIPmonitor support to request a development branch GUI package that includes this functionality.

Note: The configuration guide below applies to development builds and future stable releases. Do not attempt these steps unless you have a GUI version that supports Microsoft Sign-In.

Overview

The Microsoft Sign-In integration allows VoIPmonitor GUI users to authenticate using their Microsoft Entra ID (formerly Azure Active Directory) accounts. This provides:

  • Single Sign-On (SSO) capability
  • Centralized user management through Microsoft Entra
  • Enhanced security with Microsoft's authentication infrastructure

Part 1: Register Application in Microsoft Entra

This guide walks you through registering a new application in Microsoft Entra ID and configuring it for VoIPmonitor GUI integration.

1. Sign in to Microsoft Entra admin center

Open a web browser and navigate to https://entra.microsoft.com.

Sign in using an account with administrative privileges.

2. Navigate to App registrations

In the left-hand menu, go to App registrations.

3. Create new registration

At the top of the page, click the + New registration button.

4. Configure Application Settings

Name
Enter a meaningful name for your application (e.g., "VoIPmonitor SSO").
Supported account types
Choose who can use the application. For internal use, select Accounts in this organizational directory only.
Redirect URI - Platform
Choose Single page application.
Redirect URI - URL
Enter the URL where your VoIPmonitor GUI is installed.

IMPORTANT Redirect URI rules:

  • Do not include admin.php or index.php at the end
  • Do not include a trailing slash (/) at the end
# Correct format:
https://voipmonitor.yourdomain.com

# Incorrect formats:
https://voipmonitor.yourdomain.com/
https://voipmonitor.yourdomain.com/admin.php
https://voipmonitor.yourdomain.com/index.php

Click the Register button to complete registration.

5. Note the Application IDs

After registration, you will be taken to the application's Overview page. Note the following values (you will need them for GUI configuration):

  • Application (client) ID - Used as "Microsoft client ID" in VoIPmonitor
  • Directory (tenant) ID - Used as "Microsoft tenant ID" in VoIPmonitor

Part 2: Assign Users to the Application

After registering the application, you must assign the users who will be allowed to sign in.

1. Navigate to Users

In the Microsoft Entra left-hand menu, go to Users.

2. Add Users

Click + Add user and follow the wizard to add users who should have access to VoIPmonitor through Microsoft Sign-In.

Part 3: VoIPmonitor GUI Configuration

This section requires a GUI version that supports Microsoft Sign-In (development branch or future stable release).

1. Enable Microsoft Sign-In

  1. Navigate to Settings > System configuration
  2. Scroll down to the Advanced section
  3. Enable the option Enable Microsoft Sign in
  4. Fill in the configuration fields:
    • Microsoft client ID: Enter the Application (client) ID from Microsoft Entra
    • Microsoft tenant ID: Enter the Directory (tenant) ID from Microsoft Entra
    • Redirect URI for Microsoft Sign in: Leave empty (auto-detected). Only fill if automatic detection fails.

2. Configure User Mappings

Navigate to Users & Audit > Users.

For each user who should use Microsoft Sign-In:

  1. Edit their user profile
  2. Go to the secure users tab
  3. Fill in the Microsoft Sign In emails field with their Microsoft account email

3. Configure Default User (Optional)

If you want to define a default user for Microsoft Sign-In (for users who are not explicitly mapped):

  1. Edit the desired default user's profile
  2. Go to the basic data tab
  3. Check the Default Microsoft Sign In account option

AI Summary for RAG

Summary: This guide documents the Microsoft Sign-In (SSO) integration for VoIPmonitor GUI, which is currently in development and not yet available in stable releases. The setup requires three main steps: (1) Register an application in Microsoft Entra (formerly Azure AD) by creating a new app registration with Single Page Application platform type, noting the Client ID and Tenant ID, and ensuring the Redirect URI matches the VoIPmonitor GUI URL exactly without trailing slashes or page names. (2) Assign users in Microsoft Entra who should have access. (3) Configure VoIPmonitor GUI by enabling Microsoft Sign-In in Settings > System configuration > Advanced, entering the Client ID and Tenant ID, and mapping VoIPmonitor users to their Microsoft email addresses in the secure users tab. A default Microsoft Sign-In account can be configured for unmapped users.

Keywords: Microsoft Sign-In, SSO, Single Sign-On, Microsoft Entra, Azure AD, Azure Active Directory, authentication, OIDC, OAuth, GUI login, enterprise authentication, Microsoft integration, tenant ID, client ID, redirect URI, user mapping

Key Questions:

  • How do I enable Microsoft Sign-In in VoIPmonitor?
  • How do I configure SSO with Microsoft Entra for VoIPmonitor?
  • What is the correct Redirect URI format for Microsoft Sign-In?
  • Where do I find the Microsoft client ID and tenant ID?
  • How do I map VoIPmonitor users to Microsoft accounts?
  • Is Microsoft Sign-In available in the stable GUI version?
  • How do I set up a default user for Microsoft Sign-In?
  • Why can't I see the Microsoft Sign-In option in my GUI?
Retrieved from "https://www.voipmonitor.org/doc/index.php?title=Microsoft_Sign_in_usage&oldid=8698"