Skip to main content

Setting up Microsoft Entra SSO for SimplerQMS

Set up Microsoft Entra ID (Azure AD) Single Sign-On (SSO) so your organization can access SimplerQMS using a secure, centralized login method instead of individual passwords—supporting compliant access management and digital signatures.

Who Is This For?

  • IT Managers / Entra Administrators configuring Microsoft Entra ID (Azure AD), domains, and security settings

  • Global Administrators responsible for app registration and secrets

  • QA / System Owners coordinating onboarding readiness and access documentation

📌Note: This setup is critical and should be completed prior to onboarding to ensure the SimplerQMS team can successfully configure and enable your organization’s environment.

If you encounter any issues while following this guide, please contact our support team at [email protected] for assistance.

How to Set up Microsoft Entra SSO for SimplerQMS?

Step 1: Confirm prerequisites

Before you start, make sure you have:

  • A Microsoft Entra ID tenant

  • A verified company domain (DNS TXT record)

  • Global Administrator access

📝 Conditional Access and MFA

An Entra ID Premium P1 license (included in M365 E3/E5/Business Premium) is needed if you plan to manage MFA exemptions via Conditional Access for SimplerQMS users. If you’re not changing MFA behavior, you can ignore this.

Compliance reminder: Use least-privilege access and follow your internal security procedures for tenant admin actions.

Step 2: Create the app registration in Microsoft Entra

  1. Go to Microsoft Entra Admin Center → App registrations → New registration

  2. Enter:

  3. Select Register

💡 Tip: Use a consistent naming convention (e.g., “SimplerQMS – Production”) if you manage multiple environments.

Step 3: Configure authentication (redirect URIs)

  1. In the app registration, open Authentication

  2. Add the following redirect URIs:

    Web URIs

    Single-page application (SPA)

  3. Click Save

Compliance reminder: Redirect URIs must match exactly—typos or missing entries are a common cause of failed SSO and signature flows.

Step 4: Enable authentication flows (ID tokens)

  1. In Authentication, go to the Settings tab

  2. Under Implicit grant and hybrid flows, enable:

    • ID tokens (used for implicit and hybrid flows)

  3. Click Save

Step 5: Create a client secret and store it securely

  1. Go to Certificates & secrets

  2. Click New client secret

  3. Choose:

    • Description: anything meaningful (e.g., “SimplerQMS SSO secret”)

    • Expires: 730 days (24 months) (or per your company policy)

  4. Click Add

  5. Copy the secret value immediately and store it securely

Compliance reminder: The client secret value is only shown once. Treat it like a credential and store it in an approved secret vault.

Step 6: Send required app details to SimplerQMS Support

From the app registration Overview page, collect:

  • Application (client) ID

  • Directory (tenant) ID

  • Client secret value (from Step 5)

Send these details to [email protected], and include your company name in the email.

💡 Tip: Share the secret using your organization’s approved secure method (secure email, vault sharing, or encrypted channel), if required by your IT policy.

Step 7: Complete your first login after SimplerQMS enables SSO

Once SimplerQMS confirms SSO is enabled for your account, sign in:

On the first login, a permissions consent pop-up may appear:

  1. Tick the consent checkbox

  2. Click Accept

Troubleshooting: consent or login still fails

  1. Go to Microsoft Entra → Enterprise Applications → SimplerQMS → Permissions

  2. Click Grant admin consent for your tenant

  3. Retry login

If issues persist, contact [email protected].

💡 Tip: Have an admin perform the first login so consent is granted cleanly before broader rollout.

Step 8: Document successful login for onboarding evidence

After a successful first login:

  1. Take a screenshot showing the successful login

  2. Email it to [email protected] for documentation purposes

Compliance reminder: This screenshot supports onboarding evidence and helps the SimplerQMS team proceed with implementation steps.

Step 9: Add users and manage access in SimplerQMS

To add users:

Create users in Microsoft Entra

  1. Create users in Microsoft Entra so they can authenticate via SSO

  2. Have users log in to SimplerQMS at least once (their user profile is created automatically on first login)

Confirm license and access in SimplerQMS

On first login, users are automatically created with a Viewer license. After they’ve logged in, the admin can:

  1. Update the user’s license type (e.g., Full, Standard, or Light)

  2. Assign the user to groups

  3. Assign to training rules to initiate training records

📎 References:

Tips

  • 💡 Do the first login with an admin account so tenant-level consent doesn’t block other users later.

  • 💡 Store the client secret in an approved vault and document rotation ownership and timing.

  • 💡 Double-check redirect URIs—most SSO issues come from missing or mismatched URLs.

What’s Next?

Did this answer your question?