It is common for team members to all login with a single account for some web applications. For example, we have a couple of individuals who log into the company Twitter and Instagram accounts to post regular updates. However, only one of these people actually knows the password. To do this we are using features of Azure Active Directory and single sign-on (SSO) for the web accounts shared with a team. You can use Azure Active Directory allowing Office 365 users to automatically log in to almost any SaaS or web based application.
Here are the steps you need to follow:
- Add The Application To Azure Active Directory
- Assign The Application To Users/Shared Mailbox
- Launch The Application
- Install The Browser Plug-in
- iOS Single Sign-On
Add The Application To Azure Active Directory
First, create a Shared Mailbox. This is important if you want to log in multiple users – I’ll explain why in a minute. It also makes it easier when creating the account in the external web application. You can register the account with the shared email address of the distribution group so everyone that uses the shared account can get notifications.
Now, log into the classic Azure management portal (https://manage.windowsazure.com) and navigate to your directory. Browse to the Applications tab along the top and then select the Add button at the bottom of the window. You will then be asked “What do you want to do?”. Select the option to “Add an application from the gallery”. Search for the web application, chances are that you will find it. Otherwise, you can try it as a custom application or request integration for the application.
Select the application, give it a display name and click the check box to continue. In many cases it will add the application and return to the Azure Active Directory Applications list. For some applications you will need to supply additional options. I won’t go into those options in this post, but some applications have additional integration features. For example, you could auto-create user accounts in the destination application based upon matching Azure Active Directory users.
You should now now see a screen stating that “Your app has been added!”. The app is now available for single sign-on, but in order for users to be able to use it, you must assign accounts (or users) to the app. Click the Assign accounts button to continue.