Configuring Rogo for External Login

Overview


This document details how to configure Rogo to use External Login with Entra ID. This allows organisations to use their Entra ID accounts to log in to Rogo.

If your organisation has its own Rogo instance, please follow the steps detailed in both the ‘App Registration Configuration’ and ‘Rogo College Configuration’ sections of this document.


If your organisation uses a shared Rogo instance, please follow the steps detailed in the ‘App Registration Configuration’ section of this document.

 

App Registration Configuration

  1. Browse to the Azure Portal and search for ‘App Registrations’
  2. Click ‘New Registration’
  3. Provide the following details and click ‘Register’:
    1. Name – this can be the name of your College
    2. Supported account types – Accounts in any organizational directory
    3. Redirect URI – Web: https://id.rogoserver.com/signin-aad


  4. Once the App Registration has been created, navigate to the ‘Authentication’ blade and, under ‘Implicit grant and hybrid flows’, ensure the following are ticked and click ‘Save’:
    1. Access tokens (used for implicit flows)
    2. ID tokens (used for implicit and hybrid flows)
  5. Navigate to the ‘Certificates & secrets’ blade and select the ‘Client secrets’ tab then click ‘New client secret’
    1. Provide a description for the client secret
    2. Select ‘730 days (24 months)’ for ‘Expires’
    3. Click ‘Add’
    4. Be sure to make a copy of the Value for the new secret in the list of client secrets. You will need to provide this value to Rogo later.


  6. Navigate to the ‘Token configuration’ blade
    1. Click ‘Add groups claim’
    2. Select ‘Security groups’
    3. Under each of the ‘ID’, ‘Access’ and ‘SAML’ tabs:
    4. Ensure that ‘Emit groups as role claims’ is checked
    5. Click ‘Save’
  7. Once these settings have been made, please provide the following to Eintech:
    1. Client ID
    2. Client Secret
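
To check the App Registration against steps 3 to 6 before handing over the Client ID and Client Secret, the following added example (not Rogo or Eintech code) inspects the application object as returned by `az ad app show --id <client-id>` or Microsoft Graph. The property names are those of the Microsoft Graph application resource; the sample object and the 60-day expiry warning are constructed assumptions.

```python
from datetime import datetime, timedelta, timezone

REDIRECT_URI = "https://id.rogoserver.com/signin-aad"  # Redirect URI from step 3

def check_app_registration(app, now, warn_days=60):
    """Compare an application object (Graph format) with steps 3-6; return findings."""
    findings = []
    if app.get("signInAudience") != "AzureADMultipleOrgs":
        findings.append("account types: not 'Accounts in any organizational directory'")
    web = app.get("web") or {}
    if REDIRECT_URI not in (web.get("redirectUris") or []):
        findings.append("redirect URI: " + REDIRECT_URI + " not registered")
    grant = web.get("implicitGrantSettings") or {}
    for key in ("enableAccessTokenIssuance", "enableIdTokenIssuance"):
        if not grant.get(key):
            findings.append("implicit grant: " + key + " is off")
    if "SecurityGroup" not in str(app.get("groupMembershipClaims")):
        findings.append("groups claim: security groups not selected")
    optional = app.get("optionalClaims") or {}
    for token in ("idToken", "accessToken", "saml2Token"):  # the ID, Access and SAML tabs
        props = [p for c in optional.get(token) or [] if c.get("name") == "groups"
                 for p in c.get("additionalProperties") or []]
        if "emit_as_roles" not in props:
            findings.append("groups claim: emit_as_roles not set for " + token)
    # Client secrets: endDateTime is UTC; only the seconds-precision prefix is parsed.
    ends = [datetime.strptime(p["endDateTime"][:19], "%Y-%m-%dT%H:%M:%S")
            .replace(tzinfo=timezone.utc) for p in app.get("passwordCredentials") or []]
    live = [e for e in ends if e > now]
    if not live:
        findings.append("client secret: none valid")
    elif max(live) - now < timedelta(days=warn_days):
        findings.append("client secret: expires within %d days" % warn_days)
    return findings

# Constructed sample with two deliberate gaps (ID tokens off, SAML tab not configured).
groups = {"name": "groups", "additionalProperties": ["emit_as_roles"]}
SAMPLE = {
    "signInAudience": "AzureADMultipleOrgs",
    "web": {"redirectUris": [REDIRECT_URI],
            "implicitGrantSettings": {"enableAccessTokenIssuance": True,
                                      "enableIdTokenIssuance": False}},
    "groupMembershipClaims": "SecurityGroup",
    "optionalClaims": {"idToken": [groups], "accessToken": [groups], "saml2Token": []},
    "passwordCredentials": [{"displayName": "Rogo", "endDateTime": "2027-03-01T09:00:00Z"}],
}

if __name__ == "__main__":
    for finding in check_app_registration(SAMPLE, datetime(2025, 3, 1, tzinfo=timezone.utc)):
        print("FINDING:", finding)
```

The application object does not contain the secret Value itself, so this check can be run and shared without exposing the credential.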

 

Rogo College Configuration

  1. Navigate to your college in Rogo and log in as a user with the ‘System Setup’ role
  2. Click ‘Admin’ in the header
  3. Click ‘System Setup’
  4. Click the ‘External Login’ tab
  5. Enter the following details and click ‘Save’:
    1. Tenant ID: This is the ID of your Tenant in Azure. You can find this on the Overview blade of the App Registration you created earlier under ‘Directory (tenant) ID’.
    2. Group ID: This is an optional field. If you wish to restrict Entra Login to members of an Entra ID Group, you will need to populate this field with the ID of the Group you wish to restrict login to. You can find the ID of a group by searching for the Group in Entra ID and copying the ‘Object ID’. If you do not specify the Group ID, all users in the Tenant will be able to log in to Rogo using their Entra ID account.
    3. Permitted Domains: This is an optional field. This should be a comma-separated list of domains in @domain.com format (e.g. @domain1.com, @domain2.com). If specified, users with an email address ending in a Permitted Domain will not be able to log in using the standard Rogo Login page. Instead, these users will need to use the Entra ID Login button to log in to Rogo.
  6. Once these steps have been followed, users will be able to log in to Rogo using the Entra ID Login button on the Login page.