Infrastructure Setup & Initialization
Before You Begin
Complete these prerequisites before starting the wizard. You'll need all of these values during setup.
Microsoft Entra ID App Registration
Register an application in the Azure Portal and collect the following:
- Tenant ID — from the app registration Overview page
- Client ID (Application ID) — from the Overview page
- Client Secret — create one under Certificates & secrets
https://ctpisv.cirrustempo.com/signin-oidcDeployment Credentials
These values are generated during infrastructure provisioning and stored in Vault:
- Registration Token — from your deployment output or Vault
(
secret/data/tenants/registration_secret) - Admin Email — the email address (matching your Entra ID) that will become the first administrator
Network Requirements
- Outbound HTTPS access to
login.microsoftonline.com - Outbound HTTPS access to the Control Hub URL
System Pre-flight Checks
Verifying connectivity to critical infrastructure: PostgreSQL, Vault, and Internal Services.
Bootstrap Authorization
Enter the Registration Token to prove identity as a cluster
administrator.
Database Initialization
Applying Entity Framework migrations and seeding standard system roles.
Register with Control Hub
Registering this deployment with the Choreologix Control Hub. This establishes your deployment's identity for license management, feature flags, and product updates.
Infrastructure & Identity Governance
In compliance with SOC2 best practices, local "fallback" passwords are disabled. You must configure an OIDC provider (Microsoft Entra ID) to finalize unsealing.