Single Sign On ( SSO )
Prancer Web supports Single Sign-On (SSO) for corporate login with Azure accounts. The admin must provide access from the SSO screen and set up the Service Principal Name (SPN) before provisioning. The user needs to enable the setting to access company data, add API permissions, and grant admin consent. The admin can test SSO by populating the Azure Group members list with the required details and selecting users for provisioning. The provisioned users can access the application via corporate login, and the admin can manage the list from the User Management screen.
Before provisioning, the user is required to set up the Service Principal Name (SPN)
Prancer Web is supporting the Corporate Login with Azure account.
To allow the user to login with an Azure account first admin has to provide that user from the SSO screen on the Prancer Web application.
Enable setting to allow the user to access the company data.
Azure Active Directory->
Consent and permissions->
User consent settings
Allow user consent for appsoption, under the
User consent for applicationssection.
Add API permissions
- Open on
Azure Active Directoryand click on
- Select an application from
- Open API Permission page:
- Click on "Add a Permission" button
Microsoft Graphoption from
Add the following permissions:
- After add permissions do the
Grant admin consentto apply the permissions.
- Open on
Require following items for test SSO:
- Directory (tenant) ID
- Application (client) ID
- Group Object Id
- Client secrets
To populate the Azure Group members list to fill the following items:
- Tenant Id
- Service Principle Id
- Service Principle Secret
Object Id of the group
Enter the correct details and click on the
Connectbutton. It will populate all members' lists from Azure and display them on the UI. Admin can select one or more users from the list and provision those users.
- Once the provision completes, those users can do the corporate login.
Admin can see the provision users list from the User Management screen and take back the access by deleting that user from the list.