Client Portal - Azure AD SSO

If any of your clients use Azure AD as an IdP, you can utilize this for authentication to the ITFlow portal. This means one less password for users to remember!

Create an App Registration in Azure

  1. Sign into the Azure Portal with an administrative account for your MSP
  2. Navigate to Azure Active Directory > App Registrations
  3. Select New Registration
    1. Name: ITFlow SSO
    2. Supported Account Types: Accounts in any organization directory (multi tenant)
  4. Select Register
  5. On the new app registration, select the Authentication blade
    1. Under Implicit grant and hybrid flows select only ID tokens
  6. Select the Certificates & secrets blade
    1. Generate a new client secret (copy it's value)

Add app registration details to ITFlow

  1. Login to ITFlow as an admin
  2. Navigate to Settings > Integrations > Client Portal SSO via Microsoft Azure AD
  3. Enter the Application (client) ID in the top field
  4. Enter the Client Secret in the bottom field

Test SSO

  1. Login to ITFlow as an admin
  2. Select Clients > [test client] > Contacts
  3. Edit a contact
    1. Email: needs to match a valid Azure account
    2. Portal > Login: Azure
  4. Navigate to /portal on your ITFlow instance and select Login with Microsoft Azure AD

Notes

  • You may need to accept/approve the app registration on behalf of the org using an admin account registered in each client portal
  • SSO cannot be used for Agent/Technician authentication