Configuring SSO using Azure AD
1. After logging in to your instance of Azure AD, go to your Active Directory and click on the Enterprise applications.
2. Add a new application; search for XpressDox in the gallery and add it to your list of Enterprise applications.
3. Click Properties, and set User assignment required to Yes.
4. Click on Users, Add User and assign their role (e.g. File / Account Administrator or Template Runner).
5. To login to XpressDox using SSO, click the ‘Sign In or Register with Microsoft’ button. When the button is clicked the user will be redirected to Azure AD and will go through the authentication process. Afterwards they will be redirected to XpressDox.
– if there is no XpressDox account registered with that username, a new account will be created
– if there is already an XpressDox account registered and the user already exists, the user will be logged in immediately
– if an account exists but not the user, and the user belongs to the same AD, the user is created.
Note that all removing of users should be in Azure AD.
There are some settings to note in the XpressDox interface.
– The Tenant ID is populated the moment the account is created. It is a read-only field.
– There is a ‘Force Azure AD login only’ checkbox which can be switched on and off. Switching it on prevents users from logging in using any method other than Azure AD. Switching it off allows both methods; logging in using XpressDox credentials or logging in via Azure AD SSO.