How to setup Single Sign On (SSO) with Azure AD

How to setup Single Sign On (SSO) with Azure AD

What is Single Sign On (SSO)

Definition: Single sign-on (SSO) is an authentication method that enables users to securely authenticate with multiple applications and websites by using just one set of credentials.

Specifically, SSO allows users of your organisation to log in to Spark with their usual credentials, typically the Microsoft Azure AD credentials they are using to log into their computer in the morning. The benefit is that they do not need to manage another account / password for Spark.

Additionally, this helps enforce all your security requirements (multi factor authentication, etc.) and easily prevents users who left the organisation continued access to Spark.

Setting Up SSO (Azure AD)

Below are the steps required to successfully set-up Single Sign On for your Spark workspace using Microsoft Azure AD.

Provide Email domains

Spark implementation of SSO relies on recognising email domains. We'll therefore need to understand all the domains potentially used by users of your organisation

See examples below:
  1. mycompany.com
  2. mycompany.co.uk
  3. mycompany.fr
  4. mycompany.de


Identify the Azure AD administrator

The first user to log into Spark with SSO need to have Azure AD administrative rights in order to approve the Spark application into your IT domain.

Step 1: Contact us at support@getskore.com to provide the list of email domains and the name of your administrator

Configuration Session

Spark agent will setup the system for you and test with your administrator during an online meeting. This takes 15 minutes.

Step 2: Azure AD administrator and Spark agent organise a configuration session. 

Ready to go!

Once the administrator has approved Spark and testing is complete, users are ready to go!

Step 3: Users enter their email on the Spark login page, and be directed to their usual organisation's login page. 

The Azure administrator will be presented with a screen that looks like that. The user will approve for the entire organisation. 
Connecting your Azure account to your Applauz program

(Before this is authorised user will be presented with a message similar o this one  



Next Steps...

Adding new users

Users can be invited to Spark by a workspace admin, or the workspace can be setup to allow users to join.

Removing users

If an employee leaves the business,  the users account will need to be manually removed from the Spark platform. Nevertheless, providing the account is disabled on your Azure AD already, the user will not be able to access Spark

Changing user licence / permissions

Changing a users licence / permissions (member, editor) is performed in Spark and is not related to SSO. 


Notes:

  1. Spark does not support automatic provisioning from Azure AD groups

    • Related Articles

    • How to setup Two Factor Authentication in Skore

      What is 2 Factor Authentication (2FA) ?  "2FA" is a way to secure an account by making sure the user trying to login really is the user. This is done by asking a second security question that is generated from another source.  At Skore, we do it ...
    • How to hand-over a workspace to a client

      You are a consulting company working with your clients. You have finished the engagement and the client would like to keep access to the workspace.  Workspace clean up Before handing over the workspace you may want to "clean up" the content  ...
    • Process map page settings

      Feature available to: Editor • Admin What are the page settings These are the settings that relate to the canvas/page that a process is developed onto. You can configure these settings based upon your mapping preferences and for printing/PDF ...
    • Importing Nimbus processes into Skore

      Introduction Spark provides the capability to import Nimbus content into Spark. The Nimbus importer will do the "heavy lifting" for you: convert all process content. You will be required to carry out some manual tidying and splitting tasks. Please ...
    • Decision boxes / diamonds in Skore

      Introduction Users that are new to Skore may ask how they draw, or represent, a decision diamond commonly found in other types of process mapping. Skore is based on the Universal Process Notation (UPN) which doesn’t use decision diamonds but does ...