Single Sign-On (SSO) allows your users to use their credentials from a secure Identity Provider (IdP) to log in to the ProntoForms app. This can save time and frustration by reducing the number of passwords your mobile users have to enter on a daily basis, without sacrificing security.
Azure Active Directory (Azure AD) is Microsoft’s cloud-based identity and access management service. Azure AD helps your employees sign in and access resources in:
- External resources, such as Microsoft Office 365, the Azure portal, and thousands of other SaaS applications.
- Internal resources, such as apps on your corporate network and intranet, along with any cloud apps developed by your own organization.
This article will detail all the steps required to set up a SSO integration for ProntoForms in Azure AD.
Setting this integration up requires access to the Azure portal and the ProntoForms Team Administration pages in the web portal. Please ensure you have access to, and permission to modify, the settings on these portals before beginning this process.
- Login to https://portal.azure.com
- In the left-hand navigation panes, select Active Directory, then Enterprise Applications from the sub-menu.
- Select New Application from the top left of the main window.
- Under Add your own app, select Non-gallery application, enter ProntoForms in the right-hand navigation pane, and select Add.
- Select Configure single sign-on (required) from the next screen.
- On the Single sign-on screen, set the following values:
- Single Sign-on Mode: SAML-based Sign-on
- ProntoForms Domain and URLs:
- Identifier: prontoforms.com/prod
- Reply URL: https://live.prontoforms.com/saml/SSO
- User Identifier: user.userprincipalname
- Once the above information has been entered, under Download, select Metadata XML and save the file. This is the Identity Provider (IdP) metadata that you will need later to configure ProntoForms for SSO.
- Ensure Make new certificate active is checked, then select Save at the top of the middle navigation pane.
- When prompted to activate the rollover certificate active, select OK and wait for the application to be created.
- Select Azure Active Directory from the left-hand navigation pane, then Enterprise Application → All applications → ProntoForms → Users and Groups. Select Add User.
- Select the appropriate users or groups that will be using SSO with ProntoForms, then click Select at the bottom right of the navigation pane.
- Assign the selected groups/users to the application.
- Azure Active Directory is now ready to accept SSO connections from ProntoForms. To configure ProntoForms for SSO using SAML, please read: Enabling Single Sign-On for ProntoForms