RedTeam Flex - Configure Entra ID (formerly known as Azure AD) SSO

A document to help Admins configure the enterprise application with Federated SSO.

Updated over 4 months ago

Step 1: Create Enterprise Application in Azure Portal

Important:

In order to set up SSO with Azure, you must have a paid subscription with Azure.

  • Click + New Application

  • Create your own application

  • Give your new app a name.
    Important: Do not select RedTeam from the available options that pop up. You need to create it as NEW.

  • Select the option Register an application to integrate with Microsoft Entra ID


  • Click Create

  • In the Supported account types section, select Single Tenant.
    Click Register when you are ready.

Step 2: Add Redirects

Navigate to the Enterprise Applications menu and select your app from the list.

Navigate to Single sign-on from the menu on the left.

Then click Go to Application

Navigate to the Authentication section

Click on +Add a platform and select Single-page application

Copy and paste the link below in the Redirect URIs

Step 3: Configure options

Scroll down to navigate to the next section. Make sure your Options are selected the same as below so that Entra ID will be able to send ID and Access Tokens.

Click Save when you are ready.

Click Certificates & Secrets on the left menu and then select Federated Credentials from the options.

Click on +Add credential

Select Customer Managed Keys from the dropdown

Select the corresponding Subscription for your company and the Identity, then click Select at the bottom.



Give a name to your new Credential and click Save.

Add Optional Token Claims (this step is not optional)

Navigate to Token Configuration from the left menu and click +Add optional claim

Select the Token Type and claims from the list.

You can select multiple for the same Type and click Add when ready.

When selecting claims of type ID, you will see a pop-up. Check the box and click Add on this one as well.

Once you finish adding all the types, make sure they match the claims shown below:

Step 4: Add Groups/Users

In order to give users access to Single Sign-On through this enterprise app, you will need to add them as a User. You can do that in the “Users and groups” section. Here’s some documentation on that: Manage users and groups assignment to an application - Microsoft Entra ID | Microsoft Learn

  • Navigate to Overview on the left menu and click on the Application name

  • Click Assign Users and Groups and select the users/groups that need to be allowed to access the app.

Step 5: Obtain IDs for Configuring Application

  • Navigate to Overview and copy the client ID which is needed to configure SSO in the Flex/Fieldlens application.

Step 6: Add Configuration for Mobile Applications

  • Navigate to the Authentication section of the Enterprise Application

  • Click "Add a platform"

  • Select iOS or Android (if using both, configure each individually)

  • Enter values shown below:

iOS / macOS

  • Bundle ID: RedTeamShare

  • Redirect URI: msauth.RedTeamShare://auth

Android

  • Package name: com.redteamsoftware.redteamshare

  • Signature hash: 2jmj7l5rSw0yVb/vlWAYkK/YBwk=

  • Redirect URI: msauth://com.redteamsoftware.redteamshare/2jmj7l5rSw0yVb%2FvlWAYkK%2FYBwk%3D

Final configuration with both Android/iOS should look like this

Step 7: Add SSO Configuration to RedTeam Flex Configuration

  • In RedTeam Flex an Admin will need to go to the Configuration Menu

  • Within the Configuration Menu, navigate to My Company under Controls

  • Scroll down to SSO Configuration. There you will need to input the Company Domain, Client ID, Authority, and Redirect URL, all of which were configured in the steps above

  • Once complete, hit Save
