This article is reposted here with the consent of the author. The views and opinions expressed in this article are those of the author and do not necessarily reflect the official policy, position, view, or opinion of Crestron Electronics, Inc., or of any of its employees. Crestron Electronics is not responsible for, and does not verify the accuracy of, any of the information contained in this article.
Author: Graham Walsh
https://www.graham-walsh.com/crestron-xio-cloud-and-your-own-sign-in/#step_two_%e2%80%93_create_a_client_secret
Crestron XiO Cloud and your own sign-in
With the
Crestron XiO Cloud™ service, you can use a Crestron.io Microsoft® Azure® network Identity, or you can use your own Okta® network identity cloud sign in. However, you may want to use your own Azure AD sign-in credentials. Let me show you how this can be set up. It will need a ticket opened with the Crestron support team to enable your tenant and create a subdomain for you. Prior to setting this up, you need to have an operational crestron.io login and subscription to Crestron XiO cloud.
My Example of a custom Crestron XiO Cloud
- Default Crestron XiO Cloud URL: portal.crestron.io
- My custom domain name: crestron.xyz
- My custom Crestron XiO Cloud domain: gwalsh-portal.crestron.io. (Most of the time you will use your domain/company name as the prefix, such as contoso-portal.crestron.io)
Step One – Create an app registration
We now need to create an app registration and provide those details to Crestron Support. In the Azure home page, you can search for it or click on it.
Azure Portal Home Page
Now select New Registration and give it a name (it can be renamed later).
App registrations > New registration
Once you have given it a name, choose which support account types. The Redirect URI will be provided by Crestron Support. Then click register. You will probably create App registration without the redirect URI as that may be supplied after you have set up the app registration. Then click on Register.
App registration creation
Once created, you will see the Application (client) ID along with your Directory (tenant) ID, which you will need to supply to Crestron Support.
App registration created successfully
Step Two – Create a client secret
Now, we need to navigate to the Certificates and secrets and select New Client Secret.
Adding a Client Secret
Now, give the secret a name and select how long you want it valid for and click Add.
Client Secret Options
Now, you need to copy this and again this will be supplied to Crestron Support. If you want, you may want to do this over the phone or encrypt this info when submitting this info.
Client Secret Key
In summary, we should have three items to provide Crestron with:
- Desired name
- Application Client ID
- Client Secret
Step Three – Create a Crestron XiO Cloud user
Once it has all been setup, you will now need to head into your Crestron XiO Cloud account and sign in with your default, so it could be john.doe@crestron.io and go to your Users tab. Now we need to create a new user using the External Domain option.
Crestron XiO Cloud New User
Step Four – Test it out
Once all that is done, we can now test out our new domain and authentication. Navigate to your custom domain and you’ll be presented with the default screen. Once you click on Sign In, you will then be redirected to your Azure AD and will then be signed in based upon the permissions set above.
Custom Crestron XiO Cloud Logging In
That’s all for now, any questions let me know.