Configuring SSO
Introduction
SSO (Single
Sign-On) is a single sign-on technology that allows you to connect to multiple
applications with a single identifier.
It allows
you to standardize your Abraxio connection with your corporate environment and
provides :
- Ease of use for your users (automatic connection)
- Consistent workstation security
- Simplicity of administration (management of employee movements)
Activation
is reserved for users with the transverse administrators feature.
SSO
activation requirements
All users in your organization who connect to Abraxio must have a Microsoft Professional account (Azure Active Directory / Office 365 account) .
Abraxio
account must be provisioned with the email address of the Collaborator
corresponding to their Microsoft Professional account.
SSO Activation
- Step 1 : Go to Admin > Integrations > Authentication and Enable Connection using Microsoft account sign-in :
Keep the dual connection (password and Microsoft account) during the activation period
in order to experiment with and fine-tune this new connection method.
- Step 2 : Reconnect to the environnement. The 2 connection modes are offered to you :
- If you have administrative rights for your company directory, you will be able to the data access on behalf of all your collaborators by accepting “Consent on behalf of your organization”
- If this is not the case, you can ask one of your administrators to carry out the optional configuration described in the following paragraph.
Once you have given your consent, subsequent logins will be completely transparent if you are already signed in to your Microsoft account through another means. Once this first configuration has been successfully completed and your users have been informed of the configuration change, you can disable Abraxio password login.
We invite you to communicate to all your Abraxio users about the activation of SSO to explain this change.
- Step 3 : An administrator can grant corporate directory access consent for all users by logging into their Azure Active Directory admin portal:
- Log on to https://portal.azure.com and search for "azure active directory"
- Go to the “Enterprise Applications” section in the “Manage” group
- The first connection to Abraxio with a Microsoft account causes the “Abraxio” application to be included in the list of your business applications. Select the “Abraxio” application, and access the “Permissions” section of the “Security” group:
- Grant your consent via the button “Grant admin consent for Abraxio”
Your users will no longer have to consent individually when they first connect.
Related Articles
Configuring the Wallets module
Default Wallets section Abraxio allows you to manage multiple portfolios that can contain projects and/or activities. When creating a project or activity, this parameter defines which portfolio it will be associated with by default. The user can then ...Configuring Value Lists
Preamble Reminder: the Abraxio configuration elements available in the Administration module are only accessible to authorized Administrator users. The analytical axes allow you to qualify your projects and your budget lines in order to better ...Configuring the Finance module
Organization section Default VAT: enter the most frequently used VAT rate (20% in mainland France, 8.5% in overseas departments). This value is set by default when entering amounts in Abraxio and can be overridden to manage exceptions. Capitalized ...Configure password policy
Introduction In order to ensure an optimal level of security for your data, Abraxio is strengthening its password policy. If you have not chosen Single Sign On (SSO) as your connection method to Abraxio, you can configure your Abraxio password policy ...Project section : Requirements and value brought
Overview This section is dedicated to describing the request, i.e. the project's purpose and its expected benefits. As there is always more demand than capacity, it is important to be able to compare projects with each other and classify them by ...