Using Microsoft Entra ID as an Identity Provider (IdP) for Parallels Browser Isolation

0 users found this article helpful

Configuring Microsoft Entra ID as an Identity Provider (IdP)

App Registration

  1. Navigate to .
  2. In the top Search Bar, search "App Registration".
  3. On App registration, click on "New registration".
  4. Provide the following values:
    • Name
    • Supported Account Type
    • Redirect URI
    • Select "Web" from the drop-down.
    • Value -
  5. Move to the left navigation pane to perform the actions below on each tab.

Certificates and Secrets

  1. Navigate to the Secret tab.
  2. Click on "New client secret".
  3. Add a "Description" and set the expiration time.
  4. Finally, click "Add".

Token configuration

  1. "Add group claim", select group types, and click "Add”.
  2. Select an appropriate group type.
  3. Customize token property.
  4. Add Optional Claim.
  5. Token Type = ID.
  6. Select Claim and preferred_username in the checkbox.

API Permission

  1. Add permission", then on "APIs my organization uses", then on "Microsoft Graph".
  2. Click on "Delegate permission",
  3. Select permission "group",
  4. Select "Group".
  5. Read "All"
  6. Click on "Add permission"
  7. Click on "Grant admin consent", then "Yes"


  1. Goto Owners and Click “Add Owners"
  2. Add the list of users who would be using the Parallels Browser Isolation
  3. Go to the Overview section and have the following values at hand for the Next Steps on IdP Configuration on Parallels Browser Isolation
  4. Discovery URL - Goto Endpoints and Copy OpenID Connect metadata document value (Format{tenantid}/v2.0/.well-known/openid-configuration )
  5. Client ID - Application (client) ID
  6. Client Secret - Client Credentials (Also can be fetched from certificated) - Copy the Secret Value (Which is hidden)

Parallels Browser Isolation My Account

  1. Goto Dashboard and Navigate to Parallels browser Isolation.
  2. Click on Initial Config to navigate to the Parallels Browser Isolation Owner Portal.
  3. Copy and paste the above values into the configuration section of the Admin Portal on Parallels Browser Isolation. Note: The initial owner of the Parallels Browser Isolation will complete this step.

Please refer to the image below:

Was this article helpful?

Tell us how we can improve it.