Configuring Microsoft SSO

This article will walk you through the steps required to configure Microsoft SSO.

 

Before proceeding with the configuration of Microsoft SSO, please ensure that you read our SSO Best Practices Guide.

Adding Gatekeeper to your Azure Microsoft Apps (Option 1)

 

Step 1) In your apps Gallery, hit ➕ Create your own application

 

Step 2) Name the Application ("Gatekeeper") and hit Create

✋ Do not choose a pre-existing Gallery application. This should be a custom app! 🤚

 

Step 3) Under "Getting Started" hit Set up single sign on

 

Step 4) Choose Linked as the SSO type

 

Step 5) Configure the Sign on URL using one of the below options:

If US: https://auth-us.gatekeeperhq.com/users/auth/microsoft_oauth2
If Canada: https://auth-ca.gatekeeperhq.com/users/auth/microsoft_oauth2
If Europe: https://auth-eu.gatekeeperhq.com/users/auth/microsoft_oauth2
If APAC: https://auth-apac.gatekeeperhq.com/users/auth/microsoft_oauth2

Step 6) Hit Save

Step 7) As the final step, you can assign the users/groups in MS/Azure who should be able to authenticate & log in to Gatekeeper

 


 

Adding Gatekeeper to your Azure Enterprise Apps (Option 2)

  1. Head to your Enterprise Applications & hit ➕ Create your own application
  2. Name the Application ("Gatekeeper") and hit Create
  3. Under Basic SAML Configuration populate the below values
    1. Entity ID: Take the 4 digits from your tenant's Gatekeeper URL
    2. Reply URL:
      1. If US: https://us.gatekeeperhq.com/users/auth/microsoft_oauth2
      2. If Canada: https://ca.gatekeeperhq.com/users/auth/microsoft_oauth2
      3. If Europe: https://eu.gatekeeperhq.com/users/auth/microsoft_oauth2
      4. If APAC: https://apac.gatekeeperhq.com/users/auth/microsoft_oauth2
  4. Hit Save
  5. As a final step, you can assign the users/groups in Azure who should be able to authenticate & log in to Gatekeeper

See Microsoft's article here for guidance

 


 

Configuring Gatekeeper

Once you have validated that this app has been set up successfully and that users can authenticate via SSO, you can lock your Gatekeeper environment so that Microsoft SSO is the only valid login option:

Step 1) Log in to your Gatekeeper account as an administrator.

Step 2) Navigate to Settings > Configuration > Authentication:


Step 3) Select 🔘 Require Microsoft Sign On (SSO):

NB. If you would like to allow the use of standard username & password as well as Microsoft SSO authentication methods, select the "Standard" or "Allow All" authentication options.

Step 4) Click ✅ Save

 


 

Login to Gatekeeper with Microsoft

 

1. Go to https://auth-us.gatekeeperhq.com/users/auth/microsoft_oauth2 and you will be prompted to sign in with your Microsoft account.

 

2. Select your Microsoft account.


3. You are now logged in to Gatekeeper via your Microsoft account!

 

Additional User Types

Access to the Supplier Portal will remain via username & password, even when SSO authentication is set.

Access to the Employee Portal via Google SSO, MS SSO & Username & Password can be enabled/disabled in the Just In Time Provisioning settings screen.