In addition to traditional sign-on methods, the NetBeez dashboard supports single sign-on for Azure. The below steps will walk through the setup procedure.
1. As an administrator, log in to the Azure Active Directory admin center.
2. Click on “Enterprise applications” in the left sidebar navigation.
3. Click on “New application”.
4. Click on “Create your own application”.
5. Give your app a name such as “NetBeez” and select “Register an application...” under “What are you looking to do with your application?”. Then click the “Create” button.
6. On the next screen, select the appropriate “Supported account types” for your organization. In most cases, the “Accounts in this organizational directory only” will be the appropriate option.
7. Next add an entry under “Redirect URI”, this should be your server FQDN followed by “/users/auth/azure_ad” (eg. https://[your server FQDN]/users/auth/azure_ad/callback). Click “Register”.
8. Your application that will facilitate the single sign-on with NetBeez has been created and you should now see it under “Enterprise applications”. Click on the application.
9. Under “Single sign-on” located in the left navigation sidebar you should see some content about “OpenID Connect”, in that content there is a link that should match the name you gave your application. Click that link.
10. You should now see some information about the application you created. In order to configure the NetBeez Azure AD setting, you will need the Application (client) ID and Directory (tenant) ID under the “Essentials” section.
11. Next you will need to create a client secret. Under the “Essentials” section you should see “Client credentials”. Click the link “Add a certificate or secret”.
12. Next you should see a section called “Client secrets”, click on the “New client secret” button.
13. Give your secret a description and pick your preferred expiration time. Then click the “Add” button. You should now see your secret under “Client secrets”, you will need the “Value” for your secret, this is the last piece of information required to configure the NetBeez Azure AD setting.
It is recommended that you maintain at least one local NetBeez administrator account.
14. Last we need to configure NetBeez with the information of the application you created in Azure. Navigation to “Settings” and then “Enterprise Authentication”. Expand the “Azure AD SSO” setting and enter the following information.
a. Application (client) ID: enter into Client ID.
b. Directory (tenant) ID: enter into Tenant ID.
c. Client secret Value: enter into Client Secret.
d. Default Role: This is the default role a user will receive when logging into NetBeez for the first time. Currently, a user’s role must be escalated via NetBeez. Roles cannot be currently determined from Azure AD.
15. Click the “Save” button. Your Enterprise Authentication should now be enabled, and you should now see the “Log in with Azure AD” button on the login prompt.