Microsoft / Azure AD SSO

If you are looking to authenticate your users with Microsoft SSO, you're in the right place!

Common Tenant

Our standard integration method uses the common tenant into a multi-tenant application hosted on Interplay Learning's Microsoft Partner Account. This allows our users to connect to Interplay Learning's content using their existing personal accounts, or workplace accounts using an OAuth SSO. All authentication, password policies, and multi-factor authentication are controlled by the tenant in which the user is registered if applicable.

Requested Scopes

We request the Microsoft Graph scopes for User.Read, openid, profile, and email. However, for the account to function we only require the sub or email to be returned to us from an authenticated user. The other values are optional and only serve to simplify the signup process and personalize the user's account.

Admin Consent

If your company is using the standard SkillMill app, the app can be added and authorized from the Azure directory here. If you have a custom white label, we may need to generate an admin consent prompt if your tenant requires delegated permissions for the required scopes. Please let your sales or customer support representative know if this is required for your account. This would be done once by the company administrator, and would then be saved for all the other tenant users who access the Interplay Learning app.

Customer Tenant

We can also optionally specify the tenant of the customer's account. We would require the customer's Tenant ID, Application ID, and the value of a Client Secret created for that application. The application would need to be added to the customer's account and would require a redirect URI to be added to the application for login that will be given to you.

User Access Control

In both cases, a user will need to be registered both in the Interplay Team Dashboard and have a valid Microsoft account to register using this SSO. To remove a user's access, they can be deleted from the Azure AD account which would subsequently remove access the next time they need to log into Interplay Learning.

For more information about the process we use, refer to the Microsoft documentation here or contact your Interplay Learning sales or customer support representative.