The Flip Syncer is a tool that reads information from Azure AD / Entra ID and sends it to the Flip App. This eliminates the need for internal resources for software development. The Flip Syncer will be set up by your technical contact person at Flip.
Requirements for this guide:
- Your domain and your tenant ID for the Flip App. Your contact person at Flip can provide you this information.
- You have access to the Azure portal at https://portal.azure.com.
- You are entitled to access the overview of and to register new apps at https://portal.azure.com/#view/Microsoft_AAD_RegisteredApps/ApplicationsListBlade.
To use Flip with your existing Azure instance, Flip must be registered as a new app. After this step, the app can be configured to access the Graph API and Single Sign-On (SSO). We will guide you through the individual steps in our step-by-step guide.
If you want to import user and channel information from Azure to Flip with the Flip Syncer, please ensure that Flip is granted access to the Graph API. Visit Granting access to the Graph API for the Flip Syncer after going through the steps in this guide. Also visit Setting up dedicated Entra ID groups for Flip to provide the user base and to automate memberships in Flip channels.
If you intend to enable Single-Sign-On (SSO) for all Flip users, please configure the corresponding sections in your Azure app. Visit Enabling Single-Sign-On for your Flip app after going through the steps in this guide.
The default configuration includes both, the import of user / channel information and Single-Sign-On (SSO).
Further guidance and next steps after registering the new app:
- Setting up dedicated Entra ID groups for Flip
- Granting access to the Graph API for the Flip Syncer
- Enabling Single-Sign-On for your Flip app
- Managing users and channels in Azure
App registration
The type of application that needs to be registered depends largely on the desired authentication method.
- If you plan to authenticate with OIDC, the default type is correct.
- If you plan to authenticate with SAML, you need an enterprise application.
- If you don't plan on authentication and only want to provide access to the Graph API, for example, the default type is correct.
Registering a default application (for OIDC authentication and API-only cases)
The first step is to register a new app in Azure. Use the search box (1) and select “App registrations” (2) to go to the overview of all current registered apps.
Then simply click “New registration” (3). You will be forwarded to a form.
Fill out the form with the following details:
- The name of the new application (1). Use a name which enables you to identify Flip at any time. In this example, we’re simply using “Flip App”.
- The account type (2). In most cases, the first option, “Single tenant”, is enough. Please select the needed option for your case.
Click “Register” to have the new app registered.
You now can proceed with one of the next steps:
- Setting up dedicated Entra ID groups for Flip
- Granting access to the Graph API for the Flip Syncer
- Enabling Single-Sign-On for your Flip app
Registering an Enterprise application (for SAML authentication)
The first step is to register a new Enterprise app in Azure. Use the search box (1) and select “Enterprise applications” (2) to go to the overview of all current registered apps.
Then simply click “Create your own application” (3). You will be forwarded to a form.
Fill out the form with the following details:
- The name of the new application (1). Use a name which enables you to identify Flip at any time. In this example, we’re simply using “Flip App SAML”.
- The intended use (2). Select “Integrate any other application …”.
Click “Create” (3) to have the new app created. The next step is identical to the steps shown for default application registrations.
You now can proceed with one of the next steps:
- Setting up dedicated Entra ID groups for Flip
- Granting access to the Graph API for the Flip Syncer
- Enabling Single-Sign-On for your Flip app
Comments
0 comments
Please sign in to leave a comment.