This guide explains Microsoft's authentication and consent processes for connecting Valotalive with their business applications (like Power BI, PowerPoint, etc.) using OAuth.
Understanding User and Admin Consent
Valotalive uses OAuth, a secure way to connect with Microsoft apps. OAuth often requires user consent, meaning the user needs to allow Valotalive to access their app data.
Usually, companies manage these permissions through Entra ID (formerly Azure AD). In most cases, the admin needs to approve the Valotalive application (called an Enterprise application) before users can authenticate.
Authentication Process Overview
The specific steps for authentication depend on how your organization manages OAuth consent in Entra ID. There are two main workflows:
Admin Initiated: The Global Admin first approves the Valotalive application in Entra ID (A) and then completes the approval with authentication in the Valotalive Dashboard (B).
User Initiated: The end-user (or the Global Admin) starts the process in Valotalive and can request admin approval.
We'll cover both workflows in detail below.
1. The Admin Initiated workflow
The Global admin starts the workflow by finding the Valotalive application in Entra ID Gallery. This is where you can find and manage third-party integrations.
A. Entra ID Admin grants permissions in the Entra ID
This section explains how the Global admin first approves the Valotalive application in Entra ID.
Access the Entra ID Gallery
Sign in to Entra ID with the Global admin credentials.
Click on "Enterprise Applications" and then "+ New application" to access the Entra ID Gallery.
Find the Valotalive Application
Search for "Valotalive" in the search bar to locate the Valotalive applications.
Grant Permissions
Click on the specific Valotalive application you want to connect. This will open its information page.
Click the blue button on the bottom to proceed to the Valotalive login page.
B. Valotalive Login (Admin Account)
This section explains how the Global admin grants permissions on the Valotalive Apps page.
Login (Sign up) to Valotalive
Go to the Valotalive Dashboard: https://dashboard.valota.live/
If you don't have an account yet, click Create an account and Login
Note: This account is only needed for the admin to grant consent.
Choose and Authorize the App
Select the specific Valotalive app you want to connect by clicking its icon.
Click "Choose this app"
Microsoft Login and Authorization
Click "Authorize"
You'll be redirected to the Microsoft Sign in window.
Important: Make sure you are not logged into any other Microsoft applications in other browser tabs.
Use your Entra ID Global Admin credentials to sign in.
Consent Options
After signing in, you'll see a prompt listing the permissions Valotalive is requesting.
Important:
You can choose to "Consent on behalf of your organization". This allows Valotalive users to authenticate similar Valotalive apps without requiring further admin approval from Entra admins.
Authorization Successful
Once you authorize, you'll see a confirmation message in Valotalive.
The authorized Valotalive application should now be listed in the Entra ID Enterprise Applications page.
User Access
If you chose "Consent on behalf of your organization", other Valotalive users can now access their Microsoft app data through Valotalive.
These users can start activating similar Valotalive apps for Microsoft applications.
Repeat steps 1-8 for any other Valotalive app you want to connect.
Admin Logout
Once finished, the Entra ID admin can log out of Valotalive.
2. The user Initiated workflow
This process allows users with existing Valotalive accounts to activate individual Microsoft apps within Valotalive.
User Starts Activation
The user begins activating a Microsoft app (e.g., Power BI) within Valotalive
(see steps Choose and Authorize the App)
Authorization and Potential Admin Review
Clicking "Authorize" to connect Valotalive with the chosen Microsoft account might trigger a message stating "Admin review needed"
Admin Consent Request
In this case, the user can request a review from the admin by clicking the link and providing a justification for needing the app.
If user consent is restricted in your organization, the Entra ID admin will receive an email notification requesting approval.
Note!
You may also be prompted Need admin approval.
In this case, the Entra ID admin in your company needs to approve consent requests on the Entra ID site. By setting up the request process, the ID user can make the request as explained earlier.
Admin Reviews and Approves
The Entra ID admin is notified about the request via email, as shown in this example:
Once the admin clicks the "Review request" button, they will be taken to the Entra ID Admin Consent Requests page
User Notification and Completion
User is notified and can proceed: After the user receives an email notification about admin consent, they can proceed and authorize the application in Valotalive
Learn more about the permissions Valotalive requests: MS Entra ID integrations & Valotalive on the Enterprise applications directory
Learn more about enabling admin consent workflow and user consent configuration from Learn.microsoft.com site: