Introduction
In OfficeRnD Flex, you can implement single sign-on (SSO) using Microsoft Entra ID. This integration will enable your members to sign in to OfficeRnD Flex with their Active Directory credentials. SSO with Entra ID can be implemented for both the Members and Admin Portals.
Contents
Members Portal SSO With Azure
- Log in to your OfficeRnD Flex account.
- Navigate to Settings/Integrations.
- Expand the Authentication section, find Members SSO Authentication, and click Activate.
- Click Configure and copy the Return URL. You will need to use it shortly.
- Open the Azure portal at https://portal.azure.com/ and select the Azure Active Directory module.
- Register a New Application by navigating to App registrations and clicking + New Registration.
- While registering the application you will be asked for Name and Web Redirect URL. Enter the name and paste the Return URL you copied in Step 1.
- After successfully registering the application, copy the Application (client) ID and keep it for later use.
- From the sidebar, navigate to Certificates & secrets and click +New client secret.
- Enter a description, set an expiration period (if necessary), and hit Add.
- After adding the secret, copy the line from the Value column.
- Go back to your account in OfficeRnD Flex.
- Navigate to Settings/Integrations, find Members SSO Authentication, and click Configure.
- Paste the Application client ID and Client secret in the Client ID and Client Secret fields in OfficeRnD.
- In the Discovery URL field, use the Discovery ID template shown below:
https://login.microsoftonline.com/{Tenant ID}/v2.0/.well-known/openid-configuration
Replace {Tenant ID} with the Tenant ID of your organization. You can find the Tenant ID under Tenant properties in Microsoft Azure. - Select Enable Automatic Account Activation. With this setting enabled, employees who already exist in OfficeRnD will be allowed to log into the Members Portal without invitation. If this setting is disabled, employees without prior access to the Portal need to have it Enabled by the administrator.
-
Turn Off Password Login - This setting enforces SSO login and prevents members from logging in with email and password. If it's left unchecked, members will have the option to use SSO or a normal email/password login.
Enabling Turn Off Password Login of the SSO for Member Tools disables:
- The standard login with OfficeRnD user and password
- The Public Calendar Page and Sign-up Page
- Reset password links
- Token for auth in the invite to portal email (Welcome email) - Click Update.
Admin Portal SSO
If you will use only Admin SSO, then follow the same setup steps from above for the admin-related integration.
If you have configured the Members Portal SSO, you can add Admin Portal SSO as well.
-
Activate the Admins SSO Authentication in Settings/Integrations and click Configure.
- Copy the Return URL.
- Open your newly created app in Azure.
- Switch to the Authentication section
- Click Add URI under the Web section.
- Paste the copied Return URL.
- Save your changes in both platforms.
Comments
Please sign in to leave a comment.