This article explains how to set up Azure AD authentication for a customer.
An admin with Global Admin rights to the Azure AD needs to follow the instructions in the technical brief "Templafy Azure AD App", which can be found on the Templafy space.
Basically, the admin should click on the onboarding URL and click accept. The Templafy ID is then approved in the client's ADFS.
Choose Azure AD in the drop-down.
When this domain is entered, the user is redirected to the client's SSO login screen, thus bypassing the regular Azure AD login screen. This is only relevant when the client has full Federation support.
The domain hint is whatever comes after the @ in the email address that is used to log in to their SSO, e.g. firstname.lastname@example.org.
A quick way to check if the domain hint is correct is to open an incognito browser and go to portal.office.com. Enter a random email, e.g. email@example.com, and press the TAB key. If you are redirected to the login site for the company, the domain hint is correct.
Azure tenant id
Get the Azure tenant ID from the client, or get the Azure tenant name from the client and simply run the attached PowerShell script to get the ID.
The tenant name is this: @TENANTNAME.onmicrosoft.com
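If the attached script is not at hand, the lookup can be done as in the following added example, which is not the script attached to this article. It reads the tenant ID from Azure AD's public OpenID Connect discovery document; the function names Get-TenantIdFromIssuer and Resolve-AzureTenantId are hypothetical, and TENANTNAME is a placeholder.

```powershell
# Added example, not the script attached to the original article.
# Resolves an Azure AD tenant ID from the tenant name via the public
# OpenID Connect discovery document; no sign-in is required.

function Get-TenantIdFromIssuer {
    # Extracts the tenant GUID from an issuer URL of the form
    # https://login.microsoftonline.com/<guid>/v2.0
    param([Parameter(Mandatory)][string]$Issuer)

    $guid = '[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}'
    $pattern = '^https://login\.microsoftonline\.com/(' + $guid + ')/v2\.0/?$'
    if ($Issuer -match $pattern) {
        return $Matches[1].ToLowerInvariant()
    }
    throw "Unexpected issuer format: $Issuer"
}

function Resolve-AzureTenantId {
    param([Parameter(Mandatory)][string]$TenantName)

    # Accept "TENANTNAME", "@TENANTNAME.onmicrosoft.com" or a full domain.
    $name = $TenantName.Trim().TrimStart('@')
    if ($name -notmatch '\.') { $name = "${name}.onmicrosoft.com" }

    # Reject anything that is not a plain DNS name before building the URL.
    if ($name -notmatch '^[A-Za-z0-9][A-Za-z0-9.-]*$') {
        throw "Tenant name contains unexpected characters: $TenantName"
    }

    $url = "https://login.microsoftonline.com/${name}/v2.0/.well-known/openid-configuration"
    try {
        $config = Invoke-RestMethod -Uri $url -Method Get -ErrorAction Stop
    } catch {
        throw "Discovery failed for '$name' (unknown tenant or no network): $($_.Exception.Message)"
    }
    Get-TenantIdFromIssuer -Issuer $config.issuer
}

# Offline check with a constructed issuer value (the GUID is made up):
Get-TenantIdFromIssuer -Issuer 'https://login.microsoftonline.com/11111111-2222-3333-4444-555555555555/v2.0'

# Live lookup; replace the placeholder with the client's tenant name:
# Resolve-AzureTenantId -TenantName 'TENANTNAME'
```

Compare the returned ID with the one the client provides, if any, before saving it in the configuration.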
Discriminator Claim Name
Enter the name of the claim used as the discriminator, e.g. the State field.
Discriminator Claim Value
Enter the value. The client must provide this.
Only authorize user from the following email domains
Users with emails in this list will automatically get a user created the first time they log in.
Enter all email domains that this Azure AD can authenticate.