Configuring Entra ID for Explore for iBase

To use Entra ID with i2 Explore for iBase, you need to configure Entra ID before starting the installation process.

Before you begin

Some assumptions are made about your environment when configuring Entra ID for i2 Explore for iBase:

There is already a Microsoft Azure Enterprise Application configured for iBase to use Entra ID.
iBase Designer can browse and add Entra ID users, using the iBase Security Manager.

Adding a Web Redirect URI to your Entra ID Enterprise Application in Azure

The Liberty application server will send a redirect to the configured Entra ID Application as part of the authentication process.

The redirect URI that it uses must be added to the Entra ID Application's Web Redirect URIs, or the Entra ID Application will refuse the authentication attempt.

The format of the Web Redirect URI that needs to be added to your Entra ID Enterprise Application is as follows:

Replacing:

<I2ANALYZE_SERVICE_FQDN> with the fully qualified domain name (FQDN) of the server where Explore for iBase will be installed.
<HOST_PORT_I2ANALYZE_SERVICE> with the port number that Explore for iBase will listen on (default is 9443).

https://<I2ANALYZE_SERVICE_FQDN>:<HOST_PORT_I2ANALYZE_SERVICE>/oidcclient/redirect/oidc-entra

For example:

https://i2explore.exampledomain.com:9443/oidcclient/redirect/oidc-entra

Obtaining the Entra Client ID, Tenant ID and Client Secret

You will need to acquire these from your Microsoft Azure Enterprise Application which is configured for iBase to use Entra ID.

You may need to create a new client secret for the application if you do not already have one.

They will be required during the installation process.

Client ID: This is the Application (client) ID of your Entra ID Enterprise Application.
Tenant ID: This is the Directory (tenant) ID of your Entra ID Enterprise Application.
Client Secret: This is the client secret for your Entra ID Enterprise Application to use with Explore for iBase.