LogoLogo
  • Introduction to Y Meadows
  • Getting Started
  • User Management
    • User Management Overview
    • Adding New Users
    • Managing User Roles
    • Disabling or Enabling Users
    • How To Setup Okta For SSO
    • How To Setup Azure Active Directory (AD) for SSO (Single Sign-On)
  • Components
    • Components Overview
    • Connections Types
    • Connections
      • How to make a Salesforce Connection
    • Intents
    • Review Queues
  • Journeys
    • The Fallback Path
    • The Junction Path
    • The Journey Path
    • Steps
      • Junction Source Step
      • Message Source Step
      • Fallback Source Step
      • Junction Processor Step
      • Render Template
      • Decision Step
      • Review Step
      • Go-To Step
      • Journey Complete Step
      • Exit Step
      • Review Exit Step
      • Echo Step
    • Expressions in Step Inputs
  • Reviews
    • Reviews Overview
    • How to Approve a Message
    • How to Edit a Templated Response
    • How to Redirect an Intent
    • Routing a Message for Manual Handling
  • Analytics
    • Trips Analytics
  • Integrations
  • Front
    • Connecting Y Meadows and Front
    • Add Tags to a Conversation
    • Remove Tags from a Conversation
    • Return Conversation Information
    • Move a Conversation
    • Add Comment to a Conversation
    • Create Draft Message
    • Create Draft Reply to a Conversation
    • Send Response to a Message
    • Assign a Conversation
    • Archive a Conversation
  • Zendesk
    • Connecting Y Meadows and Zendesk
    • Update Ticket Fields
    • Add a Comment to a Ticket
  • Salesforce
    • Connecting Y Meadows and Salesforce
    • Case to Queue
    • Email from Case
    • Case Fields
    • Post to Case
  • Help Scout
    • Connecting Y Meadows and Help Scout
    • Add Tags to Conversation
    • Assign Conversation
    • Reply to Conversation
    • Get Tags from Conversation
  • Hubspot
    • Connecting Y Meadows and HubSpot
    • Update Contact
    • Get Contact Information
    • Update Contact's Deal
    • Get Deal Info from Contact or Deal ID
    • Get Deal Information
    • Lookup Deal ID by Name
    • Remove Deal Association
  • Microsoft 365
    • How to Set Up Microsoft 365 As A Message Source Connection
  • Microsoft Teams
    • Setting up Microsoft Teams Bot as A Message Source
  • Kustomer
    • Connecting Kustomer to Y Meadows
  • Jira
    • Connecting Jira Service Management to Y Meadows
    • Jira - Create a Jira Issue
  • Background Information
    • Everything you need to know about Intents
    • Creating Intent Datasets
    • Y Meadows Technical Overview
  • Support
    • How to Report an Issue
  • Release Notes
    • Product Release Notes Q1 2022
    • Product Release Notes Q2 2022
    • Product Release Notes Q3 2022
    • Product Release Notes Q4 2022
    • Product Release Notes Q1 2023
    • Product Release Notes Q2 2023
    • Product Release Notes Q3 2023
    • Product Release Notes Q4 2023
    • Product Release Notes Q1 2024
    • Product Release Notes Q2 2024
    • Product Release Notes Q3 2024
Powered by GitBook
On this page
  • Background
  • Instructions
  • Step 1
  • Step 2
  • Step 3
  • Step 4 (commonly performed by a Y Meadows staff member)

Was this helpful?

  1. User Management

How To Setup Azure Active Directory (AD) for SSO (Single Sign-On)

Background

Many companies that use Microsoft services like Microsoft 365 (formerly known as Office 365) use Azure Active Directory for identity management.

We can use that for single-sign on to Y Meadows, so that users can login using their Microsoft identity at that company.

To do this we integrate Azure Active Directory as an Identity Provider with Keycloak. Keycloak manages identity at Y Meadows. Azure Active Directory support OpenID Connect (OIDC), so we will use that to connect. SAML is also an option.

Instructions

Step 1

Log in to Azure Portal (https://portal.azure.com/#home)

Select Azure Active Directory

Select your Azure Active Directory tenant

Go to App Registrations

Click + New Registration

For name, type Y Meadows.

For supported account types choose Accounts in this organizational directory only

For redirect URI enter https://SUBDOMAIN.ymeadows.com/auth/realms/tier0/broker/oidc/endpoint

Click Register

Step 2

Go to Certificates and Secrets in the app registration that you just created

On Client secrets, click on New client secret.

Set Expires to Never if it is an option. Otherwise use the longest period allowed.

Click Add

Copy the secret value and the client ID (not the ID of the secret). You will need them in a future step.

Step 3

Go to the overview page of the app registration

Click Endpoints

Copy the OpenID Connect metadata document URL you will need it in a future step

Step 4 (commonly performed by a Y Meadows staff member)

Go to https://SUBDOMAIN.ymeadows.com/auth/admin/tier0/console/#/tier0/identity-providers

Click Add Provider

Choose OpenID Connect

Under Discovery Endpoint enter the URL you got in step 3.

Under Client ID and Client Secret enter the values you got in step 2.

For Display Name enter the name of the client (e.g. Acme Corp.)

Keep alias as oidc, the default.

Click Add

You should be able to login from the login page now!

PreviousHow To Setup Okta For SSONextComponents Overview

Last updated 5 months ago

Was this helpful?