Introduction
Multi-factor authentication is required for Government-connected software. It enhances security by requiring a second form of verification alongside your password.
If you have Microsoft accounts already secured with multi-factor authentication, your organisation can opt for single sign-on via Microsoft Azure B2C as an alternative to Authenticator App logins.
Step 1: Register an Application
- Within Microsoft Azure AD, go to App registrations and click New registration.
- Create the application by completing the registration application page. You can name the application as you wish. The redirect URL is:
Step 2: Add a Logout URL and select flow options
- Go to Manage Authenticationand add the following logout URL:
- Under Implicit and hybrid flows, click the tick boxes for:
- Access tokens (used for implicit flows); and
- ID tokens (used for implicit and hybrid flows)
Step 3: Add a Scope
- Go to Expose an API.
- Set the Application ID URI as your client ID.
- Click Add a scope and fill in the required information.
Note: A Scope in the Microsoft identity platform are permissions for a given resource that represent what an application (e.g. TaxLab) can access on behalf of the user (e.g. email, family_name, given_name).
What you name the scope is up to you, when adding this for TaxLab it allows the application to get the required information for user login.
Example:
- Scope name: user_impersonation
- Admin consent display name: Access TaxLab application.
- Admin consent description: Allow the application to access TaxLab on behalf of the signed in user.
- User consent display name: Access TaxLab application.
- User consent description: Allow the application to access TaxLab on your behalf.
Step 4: Add optional claims
Under Token Configuration > click the check box next to the following to add optional claims:
- family_name
- given_name
Step 5: Open the Endpoints in Azure AD
- Go to Overview and then click on Endpoints and locate the OpenID Connect metadata document which will end in /.well-known/openid-configuration.
- Copy the client ID
Step 6: Contact TaxLab Support
Please contact [email protected] to discuss options for you to securely provide us with the following information to complete the connection:
- OpenID Connect metadata document;
- client ID.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article