Microsoft Azure SSO Setup (Connect Users)

If your organization already has a Microsoft Azure SSO account, we can integrate it with the InsCipher Connect portal for a faster and more secure login experience for your users.

Setup Requirements:

In order to connect your MS Azure account with the InsCipher Connect portal for a streamlined SSO login experience, you will need to follow the step below. As there is a cost to support this integration, we ask clients interested in implementing this functionality to contribute to the cost. Please contact your InsCipher implementation specialist should you have questions.

Type:

We utilize OAuth and not SAML. You will need to create a user group and associate your filing team's Microsoft accounts to that group.

Callback URL:

Please add this callback URL for InsCipher in your Microsoft Azure settings:

CallBack URL: https://surpluslines.inscipher.com/sso/connect/check/azure

Required parameters:

The following information will need to be securely sent to the InsCipher implementation team in order to connect your Microsoft Azure SSO account:

  • Application (client) ID: 
  • Client Secret:
  • Tenant Id:

How to get your Application (client) ID:

Go to your MS Azure settings > Properties > Application ID

How to get your Client Secret:

Go to your MS Azure settings > Certificates and secrets > + New client secret

How to get your Tenant ID:

Go to your MS Azure settings > External Identities > Tenant ID

 

Once Activated

After the MS Azure SSO integration is enabled, your users will no longer be able to log in using their legacy usernames/passwords. If users try to edit their passwords, they will see a message like this:

Therefore, should you wish to implement this with your organization, it will be important that users are aware of this change. 

Once enabled, the process is pretty straightforward. On the main login screen, https://surpluslines.inscipher.com, would just click the “LOGIN with SSO” button, add their Microsoft exchange email, then they would be directed (the first time) to add their Microsoft password to login. After that, our system would drop a cookie so that future logins will only require them to add their email. 

 

Ongoing Maintenance

Should any of the credentials provided to InsCipher be changed, these would need to be updated in the portal. This can be done by either contacting support or by going to Setup > User List & Settings > and clicking on the "AUTHENTICATION PROVIDERS SETUP" button on the top right of the page: