Single Sign-On (SSO) Authentication with Entra ID (Azure)

Introduction

In OfficeRnD Flex, you can implement single sign-on (SSO) using Microsoft Entra ID. This integration will enable your members to sign in to OfficeRnD Flex with their Active Directory credentials. SSO with Entra ID can be implemented for both the Members and Admin Portals.

Contents

Members Portal SSO With Azure

  1. Log in to your OfficeRnD Flex account.
  2. Navigate to Settings/Integrations.
  3. Expand the Authentication section, find Members SSO Authentication, and click Activate.
  4. Click Configure and copy the Return URL. You will need to use it shortly.


  5. Open the Azure portal at https://portal.azure.com/ and select the Azure Active Directory module.
    mceclip0.png
  6. Register a New Application by navigating to App registrations and clicking + New Registration.

    New_registration.png
  7. While registering the application you will be asked for Name and Web Redirect URL. Enter the name and paste the Return URL you copied in Step 1.

    Name_web_azure.png
  8. After successfully registering the application, copy the Application (client) ID and keep it for later use.

    Essentials.png
  9. From the sidebar, navigate to Certificates & secrets and click +New client secret.

    Cert_secr.png
  10. Enter a description, set an expiration period (if necessary), and hit Add.

    Add_cl_secr.png
  11. After adding the secret, copy the line from the Value column.

    Value.png
  12. Go back to your account in OfficeRnD Flex.
  13. Navigate to Settings/Integrations, find Members SSO Authentication, and click Configure.
  14. Paste the Application client ID and Client secret in the Client ID and Client Secret fields in OfficeRnD.

  15. In the Discovery URL field, use the Discovery ID template shown below:

           https://login.microsoftonline.com/{Tenant ID}/v2.0/.well-known/openid-configuration
    Replace {Tenant ID} with the Tenant ID of your organization. You can find the Tenant ID under Tenant properties in Microsoft Azure.
  16. Select Enable Automatic Account Activation. With this setting enabled, employees who already exist in OfficeRnD will be allowed to log into the Members Portal without invitation. If this setting is disabled, employees without prior access to the Portal need to have it Enabled by the administrator.
  17. Turn Off Password Login - This setting enforces SSO login and prevents members from logging in with email and password. If it's left unchecked, members will have the option to use SSO or a normal email/password login.

    Enabling Turn Off Password Login of the SSO for Member Tools disables:
    - The standard login with OfficeRnD user and password
    - The Public Calendar Page and Sign-up Page
    - Reset password links
    - Token for auth in the invite to portal email (Welcome email)
  18. Click Update.

Admin Portal SSO

If you will use only Admin SSO, then follow the same setup steps from above for the admin-related integration.

 

If you have configured the Members Portal SSO, you can add Admin Portal SSO as well.

 

  1. Activate the Admins SSO Authentication in Settings/Integrations and click Configure.

    Admins_SSO_auth.png
  2. Copy the Return URL.

    Edit_Auth_2.png
  3. Open your newly created app in Azure.
  4. Switch to the Authentication section
  5. Click Add URI under the Web section.

    Add_url.png
  6. Paste the copied Return URL.
  7. Save your changes in both platforms.
Was this article helpful?
1 out of 1 found this helpful
Was this article helpful?

Comments

0 comments

Please sign in to leave a comment.