Setup Single Sign-On (SSO) access with Microsoft Azure

Katrin Geske
Katrin Geske
  • Updated

This article explains step-by-step the necessary steps to set up Single Sign-on (SSO) with Microsoft authentication services.

Before setting up SSO, please get in touch with the babelforce Success Team. We will provide you with the redirect URL you need to add to the App you are registering.

Setting up SSO in Microsoft

 

  • From the sidebar of the active directory select "App registrations" and create a new app by clicking on "New registration"

mceclip0.png

  • Fill in the details to register the application and confirm with "Register"
    • The redirect URI will be added in the next step as it will be provided by babelforce as soon as you filled in all credentials

mceclip0.png

  • Make sure to save the Application ID and Client Secret (the Secret will be created in the upcoming steps)
  • We will go back to this section once everything is setup

  • Next, click on Add a certificate or secret to generate the client secrete. Decide on the expiration time.
  • Be aware: you must copy the secrete value right away - after you left the page, the secret value will not be visible anymore. Just pass it to any text processor for later use.

View of Client secret once you confirmed name and expiration date:

  • Under "Token configuration" click on "Add optional claim"
    • select ID
    • from the list, chose email
    • on saving, allow the permission change 

mceclip6.png

 

 

  • To complete the setup, go to "Manifest"
  • in line 4, change the "null" to 2. It should look like this: 
    "accessTokenAcceptedVersion"2,

mceclip0.png

 babelforce setup

  • Now that everything is setup, find the SSO settings in the babelforce manager:
Settings > SSO
    • You will only be able to access the settings if you have manager rights
  • Before we can start filling out the details, make sure to have your Microsoft azure settings open in another tab
  • Go back there, click on overview and "Endpoints". This will give you all the details you need to complete the SSO setup
    • if you left the App, go back there via Active Directory > App registration and enter the App you created in the beginning

mceclip1.png

  • To fill out the form, you need a few details. Below you see the mapping in babelforce. Everything that is filled in black is static and can be found as copy paste text below the image. Everything in turquoise needs to be copied from Azure.
    • You need to copy the orange boxed ids in the screenshot above and match them to the screenshot below

settings_babelforce.png

Copy paste values for babelforce:

  • Site: https://login.microsoftonline.com
  • Principle Claim: email

Once you filled out these required details, press on the little + next to redirect URI and you will be presented with the redirect URIs. 

To complete the setup, stay on the same page in your Azure app and add two redirect URIs, one for manager2 and the other for babelConnect2

  • Click on "Add a redirect URI"

mceclip2.png

  • In the window that opens select "Add a platform" and then select "Web"
  • Copy past the URIs for manager2 and after that from babelconnect2

mceclip3.png

 

  • Add the first re-direct URI and click on "Configure"

  • Once this is setup, you can add the remaining redirect URIs:

Testing your setup

You have now successfully setup SSO. The last remaining step is to test your setup. First, create a new user with management or any other type of rights in Global settings > User management. Ensure the user has an email address that matches your Azure Active Directory user account.

For the login, you will need your company's name as saved in babelforce. You find it here:

apps.{yourbabelforcenamespace}.babelforce.com/manager/manager/account/overview
  • Copy paste the exact name of the company

  •  Go to the babelforce manager login screen
  • Paste your company's name and follow the login procedure

 

If you encounter any problems, please get in touch with your babelforce team by contacting success@babelforce.com.

 

 

 

 

Related to

Was this article helpful?

/

Comments

0 comments

Please sign in to leave a comment.