About this article
This article explains how to set up Single Sign On for Templafy on your Azure AD. This article is relevant for and aimed at Client IT.
Sections in this article:
- Setup guide
- Permissions granted to our Azure AD Enterprise Application
- Can I restrict access to Templafy?
Prerequisite
|
Setup guide
There are two ways of setting up Azure AD Open ID Application on your Azure tenant. As such, you can choose between:
It should be noted that:
|
Creating the SSO App by completing a consent flow
- Click on the Templafy onboarding URL to initiate the setup: https://app.templafy.com/AzureADTenant/
- Click
Sign Up
- Enter your Global Administrator credentials for Azure AD
- Press
Accept
in the consent dialogue. - The Templafy App can now be found in your Azure AD under Enterprise applications
- Congratulations! You have now completed the setup on your side.
Adding the Templafy App manually from the Gallery
- Log in to https://portal.azure.com/
- Navigate to Azure Active Directory --> Enterprise Applications
- Click
New Application
- From the Gallery search for
Templafy OpenID Connect
- Add the suggested App into your directory by clicking
Sign up for Templafy OpenID Connect
- You shall be then redirected to https://app.templafy.com/AzureADTenant/ to complete the setup
- Congratulations! You have now completed the setup on your side.
|
Permissions granted to our Azure AD Enterprise Application
Originally we were using Azure AD Graph APIs to be able to read the user's data, group names and apps from Azure AD. Since then Microsoft has decided to move away from Azure AD Graph APIs and introduced a new set of APIs under the name of Microsoft Graph APIs. The old (Azure AD Graph) APIs have been deprecated. Azure AD Graph has been on a deprecation path since June 30, and will be retired in the near future.
With that in mind, we have now added the same permission set we have always required, originating from Microsoft Graph API. When consenting to the application, you will be prompted to grant approval to the same permissions listed twice. One permission set coming from the Azure AD Graph and the other from Microsoft Graph.
What are those permissions?
|
Read directory data
- Allows the app to read data in your company or school directory, such as users, groups, and apps.
Sign in and read user profile
- Allows users to sign in to the app, and allows the app to read the profile of signed-in users. It also allows the app to read basic company information of signed-in users.
Can I restrict access to Templafy?
Templafy Open ID Connect by default allows all users residing in your Azure AD to successfully authenticate to Templafy. Should you want to restrict access to Templafy to only subset of users in your organization, you can follow instructions outlined in the below support article.
Related articles
Comments
0 comments
Article is closed for comments.