How to configure MS Entra for SDS Encryption Portal?

Applicable products

SDS Encryption Portal in External PKI mode

Description

After creating a SDS tenant in External PKI mode, I need to configure the access for my MS Entra users to the SDS Encryption Portal through the MS Entra of my organization.

Procedure

Create your SDS tenant by following this procedure:

 https://documentation.stormshield.eu/SDSE/v11/en/Content/Encryption_Portal/creating_tenant.htm

Stormshield needs the MS Entra tenant ID of your organization to allow the MS Entra tenant on Stormshield side. 

To retrieve your MS Entra tenant ID, follow these steps:

1. Connect to https://entra.microsoft.com/ with administrator credentials.
2. Go to Entra ID > Overview.
3. In the Basic information section, copy the Tenant ID in xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

Once the SDS tenant has been created, you can access the SDS Encryption Portal.

To prevent from displaying the MS Entra consent window on the user side, follow these steps:

1. Connect to https://sds.stormshieldcs.eu/portal with your MS Entra administrator credentials. 
   The consent window for accessing SDS Encryption Portal application displays.
2. Accept the Permissions requested.
   You are connected to SDS Encryption Portal.
3. Connect to https://entra.microsoft.com/ with the application administrator credentials.
4. Go to Entra ID > Enterprise apps > All Applications.
   The SDS Encryption Portal application should be available.
5. From the SDS Encryption Portal application, go to Security > Permissions.
6. Click on the Grant admin consent for <name of your MS Entra tenant> button.
7. Connect with your MS Entra administrator credentials and accept the Permissions requested.

The Permissions requested window no longer displays when your users access the Encryption Portal.