Practical guides

Microsoft Entra ID configuration

Configure Microsoft app registrations for MSP SSO, tenant consent and Graph access.

Purpose

Microsoft Entra ID supports two product flows: MSP administrator sign-in and customer tenant consent. Public documentation should explain the purpose, permissions and expected result without exposing hosting files or operator procedures.

Practical workflow

Use HTTPS redirect URIs on app.wadyu.tech and keep test URLs out of production-facing configurations. The MSP domain and tenant mapping ensure that users sign in within the correct MSP context.

Controls and validation

After a change, administrators validate a Microsoft sign-in, a customer consent flow and the expected synchronisation status from the Wadyu console.

Security and compliance

Prefer read permissions for the MVP. Any permission that can change Microsoft 365, remove licences or enforce policies should require an explicit workflow, an audit trail and a rollback path.

Common mistakes

Common mistakes are mixing MSP SSO with customer consent, leaving test URLs active, exposing a client secret or forgetting secret expiry dates.
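The redirect URI, secret expiry and read-permission checks described above can be run against an exported app registration. The following is an added example, not Wadyu's own code: `web.redirectUris` and `passwordCredentials[].endDateTime` follow the Microsoft Graph application resource, while `permissionNames` (permission IDs already resolved to names), the callback paths, the 30-day warning window and all sample values are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta, timezone
from urllib.parse import urlsplit

ALLOWED_HOST = "app.wadyu.tech"      # production host named on this page
EXPIRY_WARNING = timedelta(days=30)  # assumed warning window
OIDC_SCOPES = {"openid", "profile", "email", "offline_access"}

def audit_app_registration(app, now):
    """Return a sorted list of findings for one app registration dict."""
    findings = []
    for uri in app.get("web", {}).get("redirectUris", []):
        parts = urlsplit(uri)
        if parts.scheme != "https":
            findings.append(f"redirect-not-https: {uri}")
        elif parts.hostname != ALLOWED_HOST:  # exact match, not a prefix test
            findings.append(f"redirect-unexpected-host: {uri}")
    for cred in app.get("passwordCredentials", []):
        end = datetime.fromisoformat(cred["endDateTime"].replace("Z", "+00:00"))
        name = cred.get("displayName", "unnamed")
        if end <= now:
            findings.append(f"secret-expired: {name}")
        elif end - now <= EXPIRY_WARNING:
            findings.append(f"secret-expiring: {name}")
    for perm in app.get("permissionNames", []):  # hypothetical resolved names
        if perm in OIDC_SCOPES:
            continue
        # Conservative name heuristic: anything not plainly ".Read" is flagged.
        if not (perm.endswith(".Read") or ".Read." in perm):
            findings.append(f"permission-not-read-only: {perm}")
    return sorted(findings)

# Constructed sample registration; no value here comes from a real tenant.
SAMPLE_APP = {
    "web": {"redirectUris": [
        "https://app.wadyu.tech/auth/callback",
        "http://localhost:3000/auth/callback",
        "https://app.wadyu.tech.example.test/auth/callback",
    ]},
    "passwordCredentials": [
        {"displayName": "prod-secret", "endDateTime": "2025-01-20T00:00:00Z"},
        {"displayName": "old-secret", "endDateTime": "2024-06-01T00:00:00Z"},
    ],
    "permissionNames": ["openid", "User.Read.All", "Directory.ReadWrite.All"],
}
NOW = datetime(2025, 1, 1, tzinfo=timezone.utc)

if __name__ == "__main__":
    for finding in audit_app_registration(SAMPLE_APP, NOW):
        print(finding)
```

The audit reads only non-secret metadata (names and expiry dates), so the export it runs on never needs to contain a client secret value.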