11 December 2023

How to set up applicant portal registration

Set up applicant portal registration to enable applicants to register or log in to the applicant portal using their own email address, such as Gmail or Outlook.

To set up applicant portal registration, you must complete the following:

  1. Set up Azure Active Directory B2C to create a tenant and the user flow to sign up and sign in, and to reset passwords.

    If you are already using Azure Active Directory B2C, start at step 2.

  2. Set up the applicant portal as an application in Azure Active Directory B2C.

  3. Send the required details from Azure Active Directory B2C to Tribal.

  4. On Tribal Admissions, set up the authorisation group and then check the related communications templates.

Before setting up applicant portal registration, you require the following:

  • An Azure account with administrative permissions to create an Azure Active Directory B2C tenant, register an application, manage resources, and client keys.

  • The tenant name for the institution. If you do not know the tenant name, contact Tribal support.

  • An account to create a Remedy Force support call with Tribal to complete the set up of Azure Active Directory B2C with Admissions.

  • An Admissions account with permissions to manage communications templates.

Set up Azure Active Directory B2C

You can go to the section Set up the applicant portal as an application if you are already using Azure Active Directory B2C. For example, to allow applicants to register or log in to complete an application form through the institution's website.

Set up an Azure Active Directory B2C tenant and then set up the user flows.

Set up the tenant

Set up the Azure Active Directory B2C tenant as follows:

  1. On the Azure portal, select Create a resource and then select Azure Active Directory B2C.

  2. Enter the required values as defined in the table Azure Active Directory B2C details.

    Azure Active Directory B2C details
    Field Value

    Organization name

    Enter the organisation name, you must use the format, [Region] [Environment] B2C - [Tenant name].

    For example, EMEA Production B2C - hessle.

    Initial domain name

    Enter the initial domain name, you must use the format, [RegionPrefix][Environment]b2c[Tenant].

    For example, emukproductionb2chessle.

    Country and region

    Select the appropriate value for the institution, such as United Kingdom.

    Subscription and resource group

    Select the appropriate subscription and resource group for the institution.

  3. Depending on your account settings, disable the security defaults as these can enable MFA (multi-factor authentication) For more information, go to Security defaults in Azure Active Directory B2C.

Set up the user flows

Set up the users flows to enable applicants to register, log in, or reset their password as follows:

  1. On Azure Active Directory B2C, go to User flows and then select New user flow.

  2. Create the user flow to register and log in. Select Sign up and sign in and then Recommended. Then, Create the user flow and enter or select the values shown in the table Registration and log in.

    Registration and log in
    Field Description
    Name Enter the name of the user flow, such as signupsignin.
    Identity provider Select Email signup.
    User attributes and token claims Select Given name, Surname, and Email address.

  3. Create the user flow to reset passwords. Select Password reset and then Recommended. Then, Create the user flow and define or select the values shown in the table Password reset.

    Password reset
    Field Description
    Name Enter the name of the user flow, such as passwordreset.
    Reset password using email address Set to Enabled.
    Application claims Select Users object ID.

  4. Make a note of the name of the user flows to send to Tribal in the Send details to Tribal section.

Set up the applicant portal as an application

Set up the applicant portal as an application in Azure Active Directory B2C and then create the client secret key.

Set up the applicant portal as an application

Set up the applicant portal as an application in Azure Active Directory B2C as follows:

  1. On the Azure portal, select the directory that contains your Azure Active Directory B2C tenant. Then, go to Application registrations and then select New application registration.

  2. Enter the name of the application, such as ApplicantPortal.

  3. Select the supported account types, Accounts in any identity provider or organizational directory (for authenticating users with user flows).

  4. Define the redirect URIs that return the authentication response to Admissions, as detailed in the table Redirect URIs.

    In the URLs, replace tenantname with the institutions tenant name, such as caltech, and region with the geographical region of the institution, such as APAC.

    Redirect URIs
    Type URI Description
    Web https://identity.tribaledge.com/region/tenantname/connect/callback Always required.
    Web https://identity.tribaledge.com/region/tenantname/signin-oidc-ADFS Required when using ADFS (Active Directory Federation Services).

  5. Select Grant consent for openid and offline access permissions.

  6. Select Register to register the application, as shown in the image Register new application.

    Register new application
    On the register application page, define the name of the application, select the supported account types, then select register to register the application

Create the client secret key

Create the client secret key as follows:

  1. Create the client secret key. On Application registrations, go to Certificates & secrets and then select New client secret.

    Define the name of the client secret key, such as Applicant portal client secret, and select the expiry duration of the key, such as 24 months.

    A new client secret key must be sent to Tribal before the expiry date to prevent service interruption.

  2. Make a note of the following values to send to Tribal in the Send details to Tribal section:

    • Application identifier

    • Directory identifier

    • Client secret key

Send details to Tribal

Tribal must configure Admissions to securely connect Azure Active Directory B2C to the applicant portal. Therefore, you must provide Tribal with the configuration details shown in the table Azure Active Directory B2C to Admissions configuration values.

  • If you are setting up Admissions for the first time, you should supply the configuration details when completing the document Tribal Edge Core Branding & Pre-Requisite Template, which is available on Tribal Communities.

  • If you are setting up Azure Active Directory B2C after setting up Admissions, you must create a Remedy Force call to provide the configuration details.

Azure Active Directory B2C to Admissions configuration values
Value Description

Client identifier and client secret

Client ID and Client secret from the Applicant portal application registration in Azure Active Directory B2C.

For example, ApplicantPortal and abcdefghijklmnopqrstuvwxyz0123456789/+ABCDEFGHIJKLMNOP==.

Sign up and sign in user flow

Name of the sign up and sign in user flow, such as signupsignin.

Authority used for the sign up and sign flow, that includes the Initial domain name and name of the user flow. For example, https://emukproductionb2chessle.b2clogin/emukproductionb2chessle.onmicrosoft.com/B2C_1_signupsignin.

Password reset user flow

Name of the password reset user flow, such as passwordreset.

Tribal Admissions

Set up the required authorisation group, optionally preconfigure users from other systems, and then check the related communications templates.

Set up authorisation group

Set up the authorisation group for applicants and then enable the group to be assigned to an applicant as follows:

  1. Log in to Admissions using an account with permissions to manage authorisations, such as an account in the EdgeAdministrator group.

  2. Optionally, if you have not set up an authorisation group for applicants, add an authorisation group. For example, Applicants. For more information on authorisation, go to What is authorisation?

  3. Enable the group to be assigned to applicants. On System admin, go to Integrations Authorisation management and select the button add and select the Group, such as Applicants.

For full details on adding app roles and claims in Azure Active Directory B2C, go to Configure tokens in Azure Active Directory B2C.

Preconfigure users

You can preconfigure users that have already registered for Azure Active Directory B2C. For example, users who have registered with your institution to submit an application form. Therefore, to avoid these applicants having to register again the users can be preconfigured with the role that enables them to access the applicant portal.

Users that have already registered with Azure Active Directory B2C can be preconfigured using the integrations API Users, which is available in People under the Admissions category. For more information, go to the API catalogue.

Check the communication templates

Check the communications templates, go to Admissions settings > Communications templates and check the following are shown:

  • Application acknowledgement template

  • Applicant portal registration email template

If the communications templates are not shown, select Sync templates to sync the new templates to Admissions.