How to Use Azure Active Directory with eCourtDate

Enable your Azure AD users to sign into eCourtDate seamlessly

  1. Home
  2. Console
  3. How to Use Azure Active Directory with eCourtDate
Last updated 1 year ago
To use this article: sign in to eCourtDate here.

Enable your Azure AD users to sign into eCourtDate seamlessly

Identity Profiles (IDPs) allow you to configure oAuth2.0-based authentication and authorization flows for your users.


We recommend creating at least three separate IDP profiles:

  • Console IDP - for IT and technical users

  • Staging IDP - for business and testing users

  • Production IDP - for all users




1) Create an IDP in the Console IDPs page:


  • Click on Add IDP and choose the desired region (we recommend using 2 separate IDPs for staging and production)

  • Choose a unique sign-in URL.


add idp

2) Once created, you'll get sign-in, redirect, and logout links needed for Azure configuration:


idp links


3) Go to your Azure Active Directory tenant and create a new App Registration:


azure ad registration

4) In the Authentication tab:

  • Add a platform configuration, choose Web, then add the Redirect URL from the Console as the Redirect URL value:

configure web

5) In the same Authentication tab: use the Console Logout URL as the Front-channel logout URL and enable Access Tokens.


front channel url

6) In the Certifications & Secrets tab: create a Client Secret and use the value as the Client Secret in the Console IDP. Do the same for Client ID which can be retrieved from the Overview tab Application (client) ID value.


7) In the Overview tab: use the values from the Endpoints button to configure the following settings in the Console IDP:


endpoints url idp


idp form edit

8) In the Console IDP, choose the Default Agency as well as any other Enabled Agencies that the IDP should grant users to.


9) (optional) To use your Azure group memberships to assign eCourtDate roles, add the GroupMember.Read.All permission:



Azure Group Member Read All Permissions

10) (if Step 9 is completed) In Token Configuration, click on Add groups claim, choose the Group types and ID, then click on Add:


Add Groups Claim to share with eCourtDate application


If you wish to use Azure Groups to assign eCourtDate User Roles, enable the Emit groups as role claims option:

Emit Azure groups as role claims


If you wish to use Azure Groups to assign eCourtDate Agencies instead, enable the Directory Roles option to pass the user's roles:

idp group type

To assign agencies, the group name must match the following format (case insensitive): {AgencyReference_ECOURTDATE}.


For example, if your agency reference is: municipal-court-123 then the Azure group name should be municipal-court-123_ECOURTDATE


Prerequisite: the agency must be included in the IDP Enabled Agencies setting to be used for Group -> Agency assignment.


Note: Any Role that is a case-insensitive match to one of the following: SECURITY or ADMIN or ROOT will be assigned Super Admin in addition to any other roles. You may need to enable the Security groups in the above setting.



Once completed, Azure AD users can log in automatically to their assigned agencies using the Sign-in URL.


While signing in, the user's access is regenerated based on the latest identity and permissions returned by Azure Active Directory.


Get Help from the eCourtDate Team

Schedule a Virtual Meeting