NOTE: This article applies to Enterprise subscriptions only. Upgrades are available from sales@futurefeed.co.
Register FutureFeed.co with Azure AD
Register FutureFeed.co with Azure AD; see Microsoft's Quickstart: Register an application with the Microsoft identity platform.
If you have more than one Azure AD directory, please ensure you are in the right directory when registering the FutureFeed application.
During registration, configure the following settings:
- Supported Account Types: Allow users from external organizations (like other Azure AD directories) to choose the appropriate single-tenant option. Single-tenant options exclude accounts in other organizations' directories.
- Redirect URI: Select a URI type of Web, and enter the callback URL for FutureFeed.co app
-
NOTE: Only one Redirect URI can be given during creation. After creation, you can add the additional URIs as needed.
In this process, Microsoft generates an Application (client) ID for the FutureFeed.co application; you can find this on the app's Overview screen. Make a note of this value. This value and the client secret below will need to be sent to FutureFeed to complete the configuration.
Create a Client SecretTo create a client secret, see Microsoft's Quickstart: Configure a client application to access web APIs - Add Credentials to your web application.
Once generated, make a note of this value.
If you configure an expiring secret, record the expiration date; you must renew the key before that day to avoid a service interruption.
Add PermissionsTo add permissions, see Microsoft's Quickstart: Configure a client application to access web APIs - Add permissions to access web APIs.
While configuring permissions, you must configure the following permissions for the Microsoft Graph API as Delegated Permissions.
- Users > User.Read - So FutureFeed.co can sign in users and read the signed-in users' profiles.
- Directory > Directory.Read.All - FutureFeed.co can read directory data on the signed-in user's behalf.
-
MICROSOFT GRAPH PERMISSIONS
-
DELEGATED
Once you've configured and saved your new FutureFeed app registration, you'll receive a set of new endpoints unique to that specific app registration. You can locate these within the "Overview" section of the registration. At the very top of this overview section, look for the "Endpoints" option and click on it.
FutureFeed needs three endpoints from the list, OAuth 2.0 authorization endpoint (v2), OAuth 2.0 token endpoint (v2), and the OpenID Connect metadata document.
FutureFeed needs three endpoints from the list, OAuth 2.0 authorization endpoint (v2), OAuth 2.0 token endpoint (v2), and the OpenID Connect metadata document.
Follow the steps in this article SSO Federation Implementation Guide which is also attached at the bottom of this page.
FutureFeed needs some information from your FutureFeed application registration. We need these values:
The Client ID (Application ID) and Client Secret are sensitive information that must be handled cautiously. To transmit these details to FutureFeed, it's essential to encrypt them before sending them. A straightforward method of encryption involves inserting them into a basic text file and then encrypting this file with a password. Send the encrypted file and the password in two separate encrypted emails to Chase Berman, cberman@futurefeed.co.
Furthermore, we can arrange a call and set up the connection in real-time, transferring information via text and video or voice communication.
Additional information to send to FutureFeed:
- The hostname for the user's email addresses. This is the part between the @ sign and the .com/.org/.gov, etc. user@<email