Setting up Azure AD SSO / step-by-step guide

Overview

This short guide should help you set up Azure AD for your Connecter Server. Note that the mapping between the two services is done on a team level - the users won’t be added just to a specific Workspace. The permissions management and assignment are done in the Team Portal.

Roles

There are two main roles involved in the configuration:
  • Team Portal admin - the sole administrator of everything connected with user and permissions management in Connecter Server. Can be changed by the Connecter Server Subscription owner from here.
  • Azure AD admin - a person that has full access to the administrative backend of Azure AD and can install new services.

Step-by-step guide

Actions that must be done by the Team Portal admin:

  1. Log in here.
  1. Select your team.
  1. Click on the “Features” tab.
  1. Click on “Get SCIM token” next to Azure AD SSO.
  1. Use the button to copy the token to your clipboard.
  1. Send the token to the Azure AD admin.

Actions performed by the Azure AD admin:

  1. Log in to the Azure AD admin center.
  1. Navigate to Enterprise applications.
  1. Select “New application”.
  1. On the next screen use the search bar to find “Connecter” (application by Design Connected).
  1. Click on the app and select “Sign up for Connecter”.
  1. You will be redirected to the Team Portal. Ignore this screen, for now.
  1. Go back to the Azure AD admin center tab and choose “Create your own application”.
  1. Select “Integrate any other application you don't find in the gallery (Non-gallery)” and give it a relevant name.
  1. In your new application overview select “Provisioning” from the menu and choose “Get started”.
  1. Pick the Automatic provisioning mode.
  1. In Admin Credentials fill:
  1. Secret token - paste the one that you got from the Team Portal admin.
  1. Test the connection to make sure that everything is working.
  1. Set up the attribute mappings - you will need only userPrincipalName and displayName. Here’s a visual guide on how to set it up:
  1. That’s it - you are ready to synchronize your Azure AD users with Connecter.
  1. Don't forget to assign your users to the application. Check the detailed guide here.

End-user log in

If the user hasn’t previously worked with Connecter, they will be greeted by the Workspaces screen. After clicking the “Server” button they will see the following screen:
Select the “Azure AD Account” and log in with the credentials like in every other application that supports SSO.

If the user has used Connecter Server workspace and want to switch to their Azure AD account, they will have to click on their name in the top right corner, then on “Manage Workspaces” and the “Server” button. Then select “Use different user” and the “Azure AD Account” option will appear.
If you have any questions or issues, please, email us at feedback@connecterapp.com.