SSO with Azure AD B2C

Introduction

In this article, we'll list the steps for setting up SSO with Azure Active Directory B2C.

You can learn more details about SSO in our main article.

Prerequisites

The activation of SSO for Member Tools disables:

  • The standard login with OfficeRnD user and password.
  • The Public Calendar Page and Sign-up Page.
  • Reset password links.
  • The authentication token in the portal invitation email.

Setting up SSO with Azure

  1. In OfficeRnD, go to Settings/Integrations and add Azure B2C Members SSO Authentication.
  2. Click Configure and save the Return URL read-only text. You are going to use it shortly.

  3. Open the Azure portal and select the Azure AD B2C module.

  4. Register a New Application by navigating to App registrations/New application.

  5. While registering the application, you will be asked for a Web Redirect URL.
    Paste the Return URL copied from step 1.

  6. After successfully registering the application, save the Application (client) ID.

  7. From the sidebar, navigate to Certificates & secrets and create a New client secret.

  8. Give your secret a descriptive name, set an expiration period (if necessary) and save it.

  9. After adding the secret, note down the text in the Value column and copy it.

  10. In OfficeRnD, navigate to Settings/Integrations and open the Azure B2C Members SSO Authentication configuration dialog. Once there, paste the client ID and client secret you acquired in the previous steps.


Acquiring the metadata URLs

  1. In the Azure portal, use the sidebar to navigate to User flows and create a New user flow. You can also select an existing user flow.

  2. Select Sign up & Sign in (Recommended Version) and configure the user flow to your requirements. When configuring the user flow, make sure to check the Return claims for Email Addresses (plural) in the section User attributes and token claims.

  3. In the User flow details page, click Run user flow. This will open a sidebar on the right. Copy the URL from the sidebar.

  4. To allow your users to seamlessly reset their password, register a Reset Password (Recommended Version) flow. Don't forget to check the Return claims, as in the previous step.

  5. Note down and copy the URL from the sidebar for the Reset Password.
  6. In OfficeRnD, with the configuration dialog open, paste both URLs from the previous steps.

  7. In OfficeRnD, make sure the Claims Emails field contains the emails value and click Update to save the configuration.
  8. Open your browser in Incognito mode and navigate to your members portal. You should now be able to authenticate with Azure.

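If sign-in fails after step 8, one way to confirm that the return claims from step 2 match the Claims Emails field from step 7 is to inspect an ID token issued by the user flow. The script below is an added example, not part of the original article or OfficeRnD's code; the client ID and the tokens are constructed placeholders, and the payload is decoded without signature verification, so it is for troubleshooting only.

```python
import base64
import json

CLIENT_ID = "00000000-0000-0000-0000-000000000000"  # placeholder Application (client) ID

def decode_payload(id_token):
    """Decode a JWT payload WITHOUT verifying its signature (diagnostics only)."""
    parts = id_token.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    body = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(body))

def check_claims(claims, client_id, emails_claim="emails"):
    """Return a list of problems; an empty list means the token fits the setup."""
    problems = []
    if claims.get("aud") != client_id:
        problems.append("aud does not match the Application (client) ID")
    emails = claims.get(emails_claim)
    if emails is None:
        problems.append(f"{emails_claim} claim missing: tick Email Addresses "
                        "under return claims in the user flow")
    elif not isinstance(emails, list) or not emails:
        problems.append(f"{emails_claim} must be a non-empty list")
    elif not all(isinstance(e, str) and "@" in e for e in emails):
        problems.append(f"{emails_claim} contains a non-address value")
    return problems

def sample_token(claims):
    """Build an unsigned, constructed token for the demo below."""
    enc = lambda obj: base64.urlsafe_b64encode(
        json.dumps(obj).encode()).rstrip(b"=").decode()
    return f"{enc({'typ': 'JWT', 'alg': 'RS256'})}.{enc(claims)}.constructed-signature"

# Constructed sample tokens, not real B2C output.
GOOD = sample_token({"aud": CLIENT_ID, "emails": ["member@example.com"]})
NO_EMAILS = sample_token({"aud": CLIENT_ID, "name": "Member"})
WRONG_APP = sample_token({"aud": "another-app", "emails": ["member@example.com"]})

if __name__ == "__main__":
    for label, tok in [("good", GOOD), ("no emails", NO_EMAILS), ("wrong app", WRONG_APP)]:
        print(label, check_claims(decode_payload(tok), CLIENT_ID) or "ok")
```

Treat any token you paste into a script like this as a credential and discard it after the check.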

 

 
