User Tools

Site Tools

Trace:
software:chipmunk:setup:app_registration

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
software:chipmunk:setup:app_registration [2025/07/01 11:29] support@smikar.comsoftware:chipmunk:setup:app_registration [2025/07/01 13:08] (current) – [What to Use During Chipmunk Setup] support@smikar.com
Line 23: Line 23:
    * **Supported account types**: *Accounts in this organizational directory only*    * **Supported account types**: *Accounts in this organizational directory only*
    * **Redirect URI** (Web):      * **Redirect URI** (Web):  
-     https://chipmunk.smikar.com/api/auth/callback/azure-ad +     - `https://chipmunk.YOURDOMAIN/api/auth/callback/azure-ad`   
-https://chipmunk.smikar.com:3000/api/auth/callback/azure-ad +     - `https://chipmunk.YOURDOMAIN:3000/api/auth/callback/azure-ad` *(optional, see below)*
  
 4. Click **Register** 4. Click **Register**
 +
 +**Note:**  
 +During initial setup, Chipmunk may temporarily use port 3000 for configuration access.  
 +You should include both redirect URIs above during deployment.  
 +Once Chipmunk is fully configured and using port 443, you may safely remove the port 3000 URI from the App Registration for security tightening.
  
 ===== Step 3: Save Your App Details ===== ===== Step 3: Save Your App Details =====
Line 83: Line 87:
 Click **Grant admin consent for [Your Tenant Name]** and confirm. All permissions should show as "Granted". Click **Grant admin consent for [Your Tenant Name]** and confirm. All permissions should show as "Granted".
  
-===== Optional: Configure Authentication Settings =====+===== Configure Authentication Settings =====
  
 Under **Authentication**, verify: Under **Authentication**, verify:
  
-  * Redirect URI: `https://chipmunk.YOURDOMAIN/api/auth/callback/azure-ad`+  * Redirect URIs include both `https://chipmunk.YOURDOMAIN` and `https://chipmunk.YOURDOMAIN:3000`
   * ✅ **ID tokens** checked under "Implicit grant and hybrid flows"   * ✅ **ID tokens** checked under "Implicit grant and hybrid flows"
 +
 +===== Step 7: Create Admin Group =====
 +
 +Chipmunk uses an Entra ID (Azure AD) group to determine who has access to the dashboard.
 +
 +1. In the Azure Portal, go to **Microsoft Entra ID** > **Groups**
 +2. Click **+ New Group**
 +3. Choose:
 +   * **Group Type**: Security
 +   * **Group Name**: e.g. ''chipmunkadmins''
 +   * **Membership Type**: Assigned
 +4. Add any users who should be able to access the Chipmunk dashboard
 +
 +You will enter this exact **group name** during the appliance setup wizard.
 +
 +→ Only members of this group will be granted admin access.
 +
  
 ===== What to Use During Chipmunk Setup ===== ===== What to Use During Chipmunk Setup =====
Line 101: Line 122:
 ----- -----
  
-Need help with DNS or TLS? → [[software:chipmunk:installation:certificate_dns|View DNS & Certificate Setup]]+Need help with DNS or TLS? → [[software:chipmunk:setup:certificate_dns|View DNS & Certificate Setup]]
  
 {{tag>chipmunk azure appregistration graphapi permissions setup}} {{tag>chipmunk azure appregistration graphapi permissions setup}}
  
software/chipmunk/setup/app_registration.1751333399.txt.gz · Last modified: 2025/07/01 11:29 by support@smikar.com