Setting Up SSO with Azure AD

  1. Log in to the Microsoft Azure Portal.

  2. Search for “enterprise applications” then click the icon found in the “Services” section.

  3. Click “New Application”.

  4. Click “Create your own application”.

  5. In the panel on the right, give your new app a name and choose what you want to do with the application; in this example we chose “Integrate any other application you don't find in the gallery (Non-gallery)”.

  6. Click “Create”.

  7. Search for “azure active directory” then click the icon found in the “Services” section.

  8. From the left menu click “App registrations”.

  9. Click the Enterprise App you have created.

  10. Take note of the Application (client) ID and the Directory (tenant) ID; these are what we refer to below as your Client ID and Tenant ID.

  11. From the left menu click “Certificates & secrets”.

  12. Click the “Client secrets” tab to see a table of any client secrets you have previously set up.

  13. Above the table, click the “New client secret” button.

  14. Provide a description and an expiry date, then click “Add”. Note that client secrets expire: when one is about to expire you will need to create a new one and provide it to the Mallcomm Team at least 30 days before the expiry date, so that the Mallcomm Team can schedule an update. We recommend setting the expiry to a minimum of 1 year.

  15. You should now see a new entry in the “Client secrets” table. Take note of the Value column: this is your Secret, and this is the only time you will be able to see it.

  16. Once created, provide the following credentials to the Mallcomm Team so that they can set up your integration:

    1. Tenant ID, usually found in the Azure Active Directory service overview.

    2. Client ID and Secret for your Enterprise Application.

  17. Once the integration is complete on the Mallcomm server, we will provide a Redirect URI. This needs to be added to a web platform configuration. To do this, go to the “App registrations” page described in step 8 and click the “Authentication” link on the left-hand side.

  18. Click the “Add a platform” button and choose “Web” from the available options.

  19. Enter the Redirect URI provided by Mallcomm and click “Configure”.

  20. This completes your integration with Mallcomm SSO.

Additional Assets

When creating an integration with a directory service such as Okta or Azure AD, the Mallcomm Team creates a provisioning provider. This gives a portfolio’s users a custom login screen for the auth service whenever their email address matches an agreed pattern. It requires the following assets and configuration.

Name: Logo
Requirements:
  • Landscape
  • Recommended 1400 x 500px
Where it’s used: At the top of the bespoke Auth Service login screen.

Name: Icon
Requirements:
  • Square
  • Recommended 960 x 960px
Where it’s used: On the buttons towards the bottom of the bespoke Auth Service login screen.

Name: Brand Colour
Requirements:
  • Hex value
Where it’s used: Throughout the bespoke Auth Service login screen.

Name: Email Domain Patterns
Requirements: A list of domain patterns that require a user to sign in with their company’s Active Directory, e.g. (.*)@toolboxgroup.global.
Where it’s used: When a user is redirected to our auth service and their email address matches a pattern, they are taken to the bespoke login page rather than the standard login.
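The following is an added illustration, not Mallcomm’s own code, of how an auth service can evaluate email domain patterns like the one above. It assumes patterns are regular expressions, that the provider name is a made-up label, and that a pattern must match the whole address (the example pattern is written here with the domain’s dot escaped, so it only matches a literal “.”).

```python
import re

# Constructed sample configuration: one provisioning provider per agreed
# pattern. The provider name is hypothetical; the pattern follows the page's
# example, with the dot escaped so "toolboxgroupXglobal" cannot match.
PROVIDERS = {
    "toolbox-azure-sso": r"(.*)@toolboxgroup\.global",
}


def compile_patterns(providers):
    """Compile every pattern once, case-insensitively, since email domains
    are not case-sensitive. Anchoring is enforced at match time below."""
    return {name: re.compile(pat, re.IGNORECASE) for name, pat in providers.items()}


def route_login(email, compiled):
    """Return the name of the provider whose pattern matches the WHOLE address,
    or None to fall through to the standard login screen.

    fullmatch() is used rather than search() so that a pattern cannot be
    satisfied by a substring, e.g. an address ending in ".global.example"."""
    email = email.strip()
    if email.count("@") != 1:
        # Reject malformed addresses before any pattern is consulted.
        return None
    for name, regex in compiled.items():
        if regex.fullmatch(email):
            return name
    return None


if __name__ == "__main__":
    compiled = compile_patterns(PROVIDERS)
    for addr in ("alice@toolboxgroup.global",
                 "Alice@ToolboxGroup.Global",
                 "alice@toolboxgroup.global.example",
                 "alice@toolboxgroupXglobal"):
        print(f"{addr:40} -> {route_login(addr, compiled)}")
```

The `count("@") != 1` guard exists because `(.*)` on its own also accepts a second `@` in the local part; a tighter pattern such as `[^@]+@toolboxgroup\.global` makes that explicit in the configuration itself.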