Learn how to enable Single Sign-On and use Microsoft Azure as an identity provider for your AskCody Account
Single Sign-On (SSO) allows your organization to use your Microsoft credentials to authenticate with the AskCody Platform. SSO eliminates the need for a specific set of credentials for AskCody, and instead enables your organization to use Microsoft Azure as an identity provider.
Requirements for using Single Sign-On
To be eligible for using Single Sign-On when accessing the AskCody Management Portal, there are some basic requirements that your organization needs to fulfil:
- All users using the AskCody Management Portal must be in your organization's Azure AD.
- You need to have an Azure Active Directory Integration (AADI) with AskCody. Users not synced into AskCody with AADI will not be able to log in using SSO, but can only get access using credentials created specifically for the AskCody Portal. If you have not yet set up AADI, learn how to do it here.
- You must grant consent for the AskCody application to read user information in Azure AD. This can only be done by a person with Global Administrator access in your Azure AD.
Note: this is also done as a part of setting up AADI.
How to enable SSO
To enable SSO, you must be assigned with the role AskCody Owner:
- Log in to the AskCody Management Portal
- Navigate to Admin Center
- Click on Account and choose Single Sign-On (SSO)
- Click Enable SSO.
SSO is now enabled for your account. This also means, that users accessing your AskCody environment can now authenticate with their Microsoft credentials to get access to the AskCody Management Portal, and will no longer need a specific set of credentials used only for signing into the AskCody Management Portal.
How to use SSO to log in
When SSO is enabled for your account, users accessing the Management Portal will be able to log in with SSO. This is done by selecting your region and simply click on the button called Microsoft SSO. Here, users will be redirected to Microsoft’s authentication flow and granted direct access if already logged into Office 365, or be asked to enter their Microsoft credentials and perform any further authentication steps if e.g. MFA is enabled and enforced in your organization.
If you would like to bookmark a URL granting direct access without the need to click Microsoft SSO, or simply give your users only one way to sign in, you can use one following links to get access through SSO as well.