Entra ID Configuration

Configuring Entra ID Single Sign-On (SSO) for Protegrity Browser Protector

To enable SSO using Microsoft Entra ID, formerly Azure AD, for the Protegrity Browser Protector extension, follow the steps below.

Create a New App Registration

1. Log in to the Microsoft Entra Admin Center.
2. Navigate to App registrations > New registration.
3. Provide the following details for the new app:
   • Name: Enter a name for the app, for example, Protegrity Browser Protector.
   • Supported account types: Choose the account type suitable for your organization. For example, accounts in this organizational directory only.
   • Redirect URI: Leave this blank for now; you will configure it in a later step.
4. Click Register to create the app registration.
5. After registration, copy the app_registration_client_id and app_registration_tenant_id displayed on the app overview page. You’ll need these IDs for configuration in Set Up Configuration File for Browser Protector.

Add Redirect URI for Single-Page Application

1. Log in to the Microsoft Entra Admin Center.
2. In the app registration overview, navigate to the Authentication tab.
3. Under Platform configurations, click Add a platform.
4. Select Single-page application from the list.
5. Add a new Redirect URI with the following format:
   • Format: https://pty_extension_id.chromiumapp.org
   • Example: https://epfnbngoodhmbeepjlcohfacgnbhbhah.chromiumapp.org/
   • Replace pty_extension_id with extension id recorded in Extension Source section.
6. Scroll down and set the Logout URL to the same URI:
   • Example: https://epfnbngoodhmbeepjlcohfacgnbhbhah.chromiumapp.org/
7. Click Save to apply the changes.

Finalize Authentication Settings

1. In the Microsoft Entra Admin Center, ensure that:
   • Access tokens and ID tokens are enabled in the Implicit grant and hybrid flows section.
   • Redirect URIs are correctly configured.
2. Save the changes.