Skip to main content

Configure Azure AD

This guide walks CreditChek administrators through configuring Microsoft Azure Active Directory (Azure AD) as an authentication provider, allowing users to sign in with their organizational Microsoft credentials.

info

Azure AD integration only supports Service Provider initiated logins.

Prerequisites​

  • An active Microsoft Azure account
  • Admin access to your Azure AD tenant
  • Administrator access to your CreditChek dashboard

Setup in Azure Portal​

Step 1: Register an Application in Azure AD​

  1. Sign in to the Azure Portal.
  2. Navigate to Azure Active Directory > App registrations.
  3. Click New registration.
  4. Fill in the application details:
    • Name: Enter a name for your application (e.g., CreditChek Integration)
    • Supported account types: Select Accounts in this organizational directory only (Single Tenant)
    • Redirect URI: Select Web as the platform, then enter the CreditChek callback URL: 
      https://app.creditchek.africa/auth/azure/callback
  5. Click Register.

Step 2: Create a Client Secret​

  1. Use search to open App registrations services. Then open the app that you created in the last procedure.

  2. In your registered app, go to Certificates & secrets.

  3. Under Client secrets, click New client secret.

  4. Add a description and choose an expiry period.

    caution

    Shorter durations are more secure but require you to create a new secret more frequently. An expired secret will prevent users from logging in.

  5. Click Add and copy the secret value immediately — it will not be shown again.

Step 3: Configure API Permissions​

  1. In your registered app, go to API permissions.

  2. Click Add a permission > Microsoft Graph.

  3. Select Application permissions (not Delegated permissions).

  4. Add the following permission:

    PermissionTypePurpose
    Directory.Read.AllApplicationRead directory data including users and groups
    Use Application permissions, not Delegated

    Delegated permissions will not work for this integration. Ensure you select Application permissions.

  5. Click Add permissions.

  6. Click Grant admin consent for your organization and confirm.

Step 4: Enable Public Client Flows​

  1. In your registered app, go to Authentication.
  2. Under Advanced settings, set Allow public client flows to Yes.
  3. Click Save.

Step 5: Collect Your Application Credentials​

From the Overview page of your app registration, note down the following values:

FieldWhere to find it
Tenant IDOverview > Directory (tenant) ID
Client IDOverview > Application (client) ID
Client SecretCertificates & secrets (from Step 2)

Configure CreditChek with Azure AD​

In your CreditChek dashboard, navigate to Settings > External IDP > Azure AD and provide the following:

FieldDescription
Tenant IDDirectory (tenant) ID from Step 5
Client IDApplication (client) ID from Step 5
Client SecretSecret value created in Step 2

Once all fields are filled in, click Configure to activate Azure AD authentication for your CreditChek integration.

Verification​

After enabling, test the authentication flow:

  • Invite a user within your Azure AD tenant
  • They should be able to access the dashboard by clicking Continue with Microsoft
  • After authentication, the user is redirected to your business' CreditChek dashboard

For support, contact us at [email protected].

Last updated on