How to setup Single Sign On (SSO) with Azure AD
What is Single Sign On (SSO)
Definition: Single sign-on (SSO) is an authentication method that enables users to securely authenticate with multiple applications and websites by using just one set of credentials.
Specifically, SSO allows users of your organisation to log in to Skore with their usual credentials, typically the Microsoft Azure AD credentials they are using to log into their computer in the morning. The benefit is that they do not need to manage another account / password for Skore.
Additionally, this helps enforce all your security requirements (multi factor authentication, etc.) and easily prevents users who left the organisation continued access to Skore.
Setting Up SSO (Azure AD)
Below are the steps required to successfully set-up Single Sign On for your Skore workspace using Microsoft Azure AD.
Provide Email domains
Skore implementation of SSO relies on recognising email domains. We'll therefore need to understand all the domains potentially used by users of your organisation
See examples below:
- mycompany.com
- mycompany.co.uk
- mycompany.fr
- mycompany.de
Identify the Azure AD administrator
The first user to log into Skore with SSO need to have Azure AD administrative rights in order to approve the Skore application into your IT domain.
Step 1: Contact us at support@getskore.com to provide the list of email domains and the name of your administrator
Configuration Session
A Skore agent will setup the system for you and test with your administrator during an online meeting. This takes 15 minutes.
Step 2: Azure AD administrator and Skore agent organise a configuration session.
Ready to go!
Once the administrator has approved Skore and testing is complete, users are ready to go!
Step 3: Users enter their email on the skore login page, and be directed to their usual organisation's login page.
The Azure administrator will be presented with a screen that looks like that. The user will approve for the entire organisatio
(Before this is authorised user will be presented with a message similar o this one
Next Steps...
Adding new users
Users can be invited to Skore by a workspace admin, or the workspace can be setup to allow users to join.
Removing users
If an employee leaves the business, the users account will need to be manually removed from the Skore platform. Nevertheless, providing the account is disabled on your Azure AD already, the user will not be able to access Skore.
Changing user licence / permissions
Changing a users licence / permissions (member, editor) is performed in Skore and is not related to SSO.
See article: Adding new users into your workspace
Notes:
- Skore does not support automatic provisioning from Azure AD groups
Related Articles
How to setup Two Factor Authentication in Skore
What is 2 Factor Authentication (2FA) ? "2FA" is a way to secure an account by making sure the user trying to login really is the user. This is done by asking a second security question that is generated from another source. At Skore, we do it ...How to hand-over a workspace to a client
You are a consulting company working with your clients. You have finished the engagement and the client would like to keep access to the workspace. Workspace clean up Before handing over the workspace you may want to "clean up" the content ...Process map page settings
Feature available to: Editor • Admin What are the page settings These are the settings that relate to the canvas/page that a process is developed onto. You can configure these settings based upon your mapping preferences and for printing/PDF ...Decision boxes / diamonds in Skore
Introduction Users that are new to Skore may ask how they draw, or represent, a decision diamond commonly found in other types of process mapping. Skore is based on the Universal Process Notation (UPN) which doesn’t use decision diamonds but does ...