Single Sign-On (SSO) Authentication with Microsoft Entra ID

Introduction

In OfficeRnD Hybrid, you can implement a single sign-on using Microsoft Entra ID. This integration will enable your employees to sign in to OfficeRnD Hybrid using their Active Directory credentials. The SSO can be implemented for both Web and Admin Portals.

Contents

Add The Hybrid Work App to InTune

Please follow this article to go through the process of adding the Hybrid Work Android App to Mobile Device Management in InTune.

Web Portal SSO

1. Log-in to your Hybrid account.

2. Navigate to Settings/Integrations.

3. Look for SSO Authentication and click Activate.

sso auth 1.png

4. Next, click Configure.

config.png

5. In the dialog that opens, copy the Return URL and paste it in a new text document. You will need to use it shortly. Also, keep Hybrid open in a browser tab.
edit auth arr.png

6. Open the Microsoft Azure portal at https://entra.microsoft.com/#home and open the Microsoft Entra ID module.

7. Register a New Application by navigating to App registrations and clicking + New Registration.

mceclip1.png

8. While registering the application you will be asked for a Web Redirect URI. Paste the "Return URL" you copied in step 5.


mceclip2.png

9. After successfully registering the application, copy the Application (client) ID and paste it in a text document. You will need to use it shortly.


mceclip3.png

10. From the sidebar, navigate to Certificates & secrets and click to create a New client secret.


mceclip4.png

11. Give your secret a descriptive name,  set an expiration period (if necessary), and save it.

12. Copy the text from the Value column and paste it in a text document. You will need to use it shortly.


mceclip6.png

13. Go back to Hybrid and:

  • Paste the Application (client) ID copied in Step 9 into the Client ID field
  • Paste the Value copied in Step 12 into the Client Secret field

id and secret.png

14. In the Discovery URL field, use the following Discovery ID template:

https://login.microsoftonline.com/{Tenant ID}/v2.0/.well-known/openid-configuration

Replace the {Tenant ID} part in the URL with the Tenant ID of your organization. You can find the Tenant ID under Tenant properties in Microsoft Azure.

15. Enable Automatic Account Activation - With this setting enabled, employees that already exist in OfficeRnD will be allowed to log into the Portal without having to be explicitly invited. If the setting is disabled, employees without prior access to the Portal need to be granted access from an administrator.

16. Click Update.

Admin Portal SSO

After you have configured the Web Portal SSO, you can add your Admin Portal SSO as well.

1. Click Configure on the SSO integration in OfficeRnD.

2. Click on Activate Admin Portal SSO.

activate sso.png

3. The dialog will expand with the Admin Portal section:

admin portal.png

4. Copy the Return URL.

5. Open your newly created app in Microsoft Entra ID and switch to the Authentication section.

6. Click Add URI under the Web section and paste the Return URL.

7. Save your changes in both Azure and Hybrid.

Was this article helpful?
16 out of 22 found this helpful
Was this article helpful?

Comments

0 comments

Please sign in to leave a comment.