In this articleр we'll list the steps of setting up SSO with Azure Active Directory B2C.
You can learn more details about SSO in our main article.
The activation of SSO for Member Tools disables:
- The standard login with OfficeRnD user and password.
- The Public Calendar Page and Sign-up Page.
- Reset password links.
- Token for auth in the invite to portal email.
Table of Contents
Setting up SSO with Azure
- In OfficeRnD, you can go to Settings/Integrations and add Azure B2C Members SSO Authentication.
- Click Configure and save the Return URL read-only text. You are going to use it shortly.
- Open the Azure portal and select the Azure AD B2C module.
- Register a New Application by navigating to App registrations/New application.
- While registering the application, you will be asked for a Web Redirect URL.
Paste the Return URL copied from step 1.
- After successfully registering the application, save the Application (client) ID.
- From the sidebar, navigate to Certificates & secrets and create a New client secret.
- Give your secret a descriptive name, set an expiration period (if necessary) and save it.
- After adding the secret, note down text in the Value column and copy it.
- In OfficeRnD, navigate to Settings/Integrations and open the Azure B2C Members SSO Authentication configuration dialog. Once there, paste the client ID and client secret you acquired in the previous steps.
Acquiring the metadata URLs
- In the Azure portal, use the sidebar to navigate to User flows and create a New user flow. You can also select an existing user flow.
- Select Sign up & Sign in (Recommended Version) and configure the user flow to your requirements. When configuring the user flow, make sure to check the Return claims for Email Addresses (plural) in the section User attributes and token claims.
- In the User flow details page, click Run user flow. This will open a sidebar on the right. Copy the URL from the sidebar.
- To allow your users to seamlessly reset their password, register a Reset Password (Recommended Version) flow. Don't forget to check the Return claims, as in the previous step.
- Note down and copy the URL from the sidebar for the Reset Password.
- In OfficeRnD, with the configuration dialog open, paste both URLs from the previous steps.
- In OfficeRnD, make sure the Claims Emails field contains the emails value and click Update to save the configuration.
- Open your browser in Incognito mode and navigate to your members portal. You should now be able to authenticate with Azure.