This is a technical procedure that allows you to connect your Microsoft Entra ID to the ITESLIVE Studio. Once this has been completed, your users can link their Microsoft Entra ID accounts to their ITESlive user
| Available with: |
| Windows Player : Starter, Pro, Premium Web Player : Starter, Pro, Premium LG webOS Signage Player : Starter, Pro, Premium Samsung SMART Signage Platform (SSSP / Tizen) Player : Starter, Pro, Premium Brightsign Player: Starter, Pro, Premium Android Player: Starter, Pro, Premium Linux Player: Starter, Pro, Premium macOS Player: Starter, Pro, Premium |
Note: It is possible to create a link between your corporate accounts (Microsoft Entra ID) and your users on the Studio. That being said, this procedure is technical and will require the help of your network administrator.
The association between your Microsoft Entra ID and your ITESlive Studio users is made in several steps, there are configurations on your Microsoft Azure environment and there are configurations that must be completed once you are connected to the ITESlive Studio.
Important: Your administrator must have access to the ITESlive Studio to complete part of the procedure, they will ne to have the permission to create a new connection provider on the ITESlive Studio.
1. Microsoft Azure Configurations
Important: The instaldlation and the configuration of the Microsoft Entra ID features must have been completed on your Microsoft Azure environment to proceed with this procedure.
Once you are connected to your Microsoft Azure portal, click "More services".
On the "All services page", click on "Microsoft Entra ID".
Click the "Add' button and select "App registration".
Enter a name that represents the reason for which the "App registration" will be used.
I.E. ITESlive Studio
Ensure that the "Accounts in this organizational directory only" radial button is active.
Under the "Redirect URL (optional)" header, select the "web" platform and enter the following URL.
https://studio.ITESlive.tv/api/SSO/LoginSSO
Click on the "Register" button in the bottom left corner of the window to complete the "App registration" creation.
Once you are on the page for the "App registration" you just created, click on the "Add a certificate or secret" button.
Click on the "New client secret" button.
Enter a description for the client secret and select the expiration date among the options offred by Microsoft Azure and click the "Add" button.
Important: It is important to note the selected configuration for the expiration date, as the link between ITESlive Studio and Microsoft Entra ID will no longer work after the secret expires.
Copy and conserve the client secret's value, this information will be required to complete the configurations on the ITESlive Studio and will not be available after you close this window.
Click on the "Token configuration" button. 
Click the "Add optional claim" button.
Activate the "ID" button.
In the list displayed under the token types, click the "email" entry and click the "Add" button.
In the pop-up, activate the "Turn on Microsoft graph email permission" checkbox and click the "add" button.
To obtain the information for the "Client Id", "OAuth2 URL Authorize" and "OAuth2 URL Token" that will be required for the configurations on the Studio, click on the "Overview" button.
Click on the "Endpoints" button.
Copy and conserve the values of the "Application (client) ID", "OAuth 2.0 authorization endpoint (v2)" et "OAuth 2.0 token endpoint (v2)" fields.
2. ITESlive Studio configurations
Important: The user that will complete the following steps will need to have access to creating a login provider in the ITESlive Studio.
Once logged into the ITESlive Studio, click the configuration tab and select the login provider management.
Select the account group in which you wish to add a login provider. If you want to apply this change for your entire organization, you can simply select the account group that contains your entire display network. Once you have selected the account group, click the "New login provider" button. 
The next step is to complete the following fields.
- Name:The name that will identify this connection method on the Studio.
- Client Id: The Client ID of the application that will be used.
Note: The Client ID is the one you noted earlier on in the process.
- Client Secret: This field is the client secret you created earlier.
Note: The Client secret is the one you noted earlier on in the process.
- OAuth2 URL Authorize: This information must be taken from your App registration in your Microsoft Entra ID.
Note: The OAuth2 URL Authorize is the one you noted earlier on in the process.
- OAuth2 URL Token: This information must be taken from your App registration in your Microsoft Entra ID.
Note: The OAuth2 URL Token is the one you noted earlier on in the process.
Once you entered the required information to create a new login provider, click the icon that represents a floppy disk to save the login provider.
3. External identity and access management
Following the creation of the login provider, users will be able to connect their Microsoft Entra ID account in their user preferences. A new button is displayed with an icon representing a key will be displayed.
The ITESlive Studio will redirect the user to an SSO connection page, the user must successfully connect to their user on the Microsoft Entra ID the association will be displayed in the alternate login list once this has been completed.
