If your organisation uses Microsoft Azure Active Directory / Microsoft Entra ID to authenticate users, this can be incorporated into Humanforce Web. Follow the instructions below on how to configure Azure AD.
- Go to the Azure Portal - https://portal.azure.com/ and sign in using your credentials.
- Search for Azure Active Directory and select from the search results
- Select New application
- Select Create your own application
- Enter a name for your Application and select Integrate any other application you don't find in the gallery (Non-gallery). Click Create.
- Select Single sign-on
- Select SAML
- Select Edit
- Navigate to your instance of Humanforce Web and login as an administrator and navigate to Admin > Security Config > SAML/SSO Admin
- Take note of the Service Provider Name and the Assertion Consumer Service Url
- Navigate back on the Azure Portal, enter the following information for the; Identifier and Reply URL. Click Save.
Identifier (Entity ID) This will be the Service Provider Name from the previous step. Reply URL (Assertion Consumer Service URL) This will be the Assertion Consumer Service Url from the previous step. - Scroll down and download the metadata XML file.
- Back in Humanforce Web, Navigate to the Web - Identity Provider tab and import the metadata file.
For more details on this process see step 3 of the article How do I set up Single Sign-On (SSO) for Humanforce Web?
- Navigate to the Settings tab and set the value for SSO Mode to Dual Mode. Click Save Changs.
- Navigate back to the Azure Portal, Click Users and groups, then click Add user/group.
- Click None Selected
- Locate and select the user(s) or Groups you want to give access and click Select.
- Click Assign
- Now when loading the Humanforce Web login page there is an option to select Continue with SSO. Click this to login using your organisations SSO provider.