Azure AD-based single sign-on (SSO) gives members access to Nectir through Active Directory.
Integrating Nectir with Azure AD gives you the following benefits:
- You can control who has access to your Nectir account, through Azure AD.
- You can enable users with automatic sign-in to Nectir through Single Sign-On with their Azure AD account.
- You can manage users and groups in your Azure portal.
Who can configure these settings?
- Users who are on a paid subscription and;
- Users who have the permission "Configure Company Settings" found in Console > Selected User Permissions > Settings and;
- Users who have Active Directory Administrator permissions for your business
We do not recommend testing the steps in this process using a production environment.
Step 1: Create a callback url (Sign-on url)
To begin first access your Azure AD callback url (sign-on url) within you Nectir account. Make sure that your administrator has assigned you "Configure Company Settings" permissions to be able to access this area.
- Login to your Nectir account
- Select Console
- Select System
- Select Third Party Integrations
- Select Azure Active Directory Single Sign-On
- Copy the callback url (sign-on url) - you will use this url in step 2.
Step 2: Add Nectir to your Active Directory gallery
To integrate Nectir with Azure AD, you first need to add Nectir as a new application.
- Log into Azure Active Directory
- Select "App registrations (Preview)"
- Select "New registration"
4. Give a name to your application, for example "Nectir"
6. Redirect url - paste the callback url you copied from your Nectir account in Step 1.
7. Click "Register"
8. A new app will be registered.
9. Copy and Save the Application ID generated - You will use this ID in step 5.
Stay on this page for Step 3.
Step 3: Configure your Active Directory settings for Nectir
This step ensures that the correct settings and permissions are set for your Nectir app, within Azure AD.
- Select API permissions
- Click "Add a permission"
- Click "Microsoft Graph"
- Click "Delegated permissions"
- From the list, expand Group and enabled Group.Read.All
6. Further down the list, expand User and enable User.Read and User.ReadBasic.All
7. Click "Add permissions"
Stay on this page for Step 4.
Step 4: Create a secret key
This step creates a secret key for your Nectir credentials.
You will use this key in step 5.
- From the sidebar, select "Certificates & secrets"
- Click "New client secret"
3. Enter a description and set the expiration to Never
4. Click "Add"
5. After clicking "Add" a value for secret key will be generated
6. Copy and Save this secret key, You will use this key in step 5
Step 5: Setup Active Directory in Nectir
At this point you will have saved two ID's/values generated within Azure:
- Application ID (generated in Step 2)
- Secret key (generated in Step 4)
You will use these keys, together with your domain url to finalise setup in your Nectir account.
- Log back into Nectir Console > System > SAML Authentication
- Enter your domain (e.g. company.onmicrosoft.com) - you can find your domain in 365 Admin Center > Setup > Domains
- Paste the Application ID you generated in Step 2
- Paste the Secret key value you copied generated Step 4
Ensure that the "Enabled" radio button is selected.
5. Click "Validate and Save"
6. A pop-up will ask you to verify permissions, click "Accept"
Your account is now integrated and ready to invite users.