[en] Azure Active Directory (AD) Single Sign On (SSO)
[en] RamBase supports Single Sign On (SSO) with Microsoft Azure AD. If your organisation uses Microsoft Azure AD you can set up SSO for your users to allow them to sign in to RamBase with the same credentials they use for Microsoft Azure AD.
[en] For users that have been set up with Microsoft Azure AD sign in the following security measures will now be handled by policies in Microsoft Azure AD instead of in RamBase:
[en] Two Factor Authentication (2FA)
[en] Trusted networks/locations
[en] Users that are not using Microsoft Azure AD will still use the policies configured here.
[en] To activate SSO, the CSV setting Enable users to use single sign on with Microsoft AD must be enabled.
[en] When the setting is enabled, a new menu option Invite user to Microsoft AD login becomes available in the USERS application.
[en] Select Invite user to Microsoft AD login to send an email to your user with instructions on setting up SSO. Select OK in the prompt that appears. This needs to be done for every user that you want to enable to sign in with Azure AD. After set up, users will be able to select Sign in with Microsoft in the RamBase sign in page. The pid/password sign in method is disabled for the user.
[en] To disable the Azure AD sign in for your user, select Reset single-sign-on AD user and Move to invite status. This sends out a new email to the user allowing them to set up the pid/password authentication.