Logo easyauth.ch

Admin Documentation

Welcome to the easyauth.ch admin documentation. This guide will help administrators set up and manage the code card authentication system for their Microsoft Entra ID tenants.

Note: Please request the Postman example client from isolutions for a sample API client.

Step 1: Register the Multi-tenant Application

Connect-AzureAD -TenantId ''
New-AzureADServicePrincipal -AppId 'f7b8ae1b-ee0b-45da-9a98-64f903092dce'
        

Note: The application only requires delegated profile data of the user.

Step 2: Create an External Authentication Method

  1. Create a Microsoft Entra ID security group for MFA and add a test user to this group.
  2. Open the Security/Authentication methods/New external method and use the EAM Setup values:
    • Client ID: oidc-implicit-eam-mfa
    • Discovery Endpoint: https://easyauth.ch/.well-known/openid-configuration
    • App ID: f7b8ae1b-ee0b-45da-9a98-64f903092dce
  3. Use the security group to apply the MFA.
EAM Group Onboarding

Step 3: Get Admin Access Credentials

Required information:

Step 4: Validate Authentication

Use the test user code card to validate the authentication process: https://outlook.office.com

Step 5: Style the Login Screen

The login screen can be styled for each tenant.

Theming Options

Default Theme:

Default Theme

Example Theming:

Example Theming