July 9, 2021

Single Sign On via Azure AD

Single Sign-On (SSO)

SecureDock supports Single Sign On (SSO) via Azure Active Directory (Azure AD) for designated company accounts.

Purpose

To simplify and enhance company security, SSO handles and tracts employees’ software access. For the software user, SSO simplifies the use of passwords. Specific to SecureDock, SSO allows company users to log into their SecureDock account by clicking a ‘Login with Microsoft’ button which is connected to their Azure Active Directory. SSO also helps to automate provisioning workflows for admins and account managers.

Login with Microsoft Button

Company Requirements

The following requirements must be met for this feature to be implemented with your company account:

  1. Company must already be using Azure Active AD, managing user access to cloud applications.
  2. Company must provide SecureDock with basic information such as company email domain and temporary email address for testing so we can validate the configuration.
  3. Company must choose between two options for users, Required SSO or Optional SSO.

Required SSO: SecureDock users will be required to sign in using their Microsoft Azure AD credentials (no custom username or password allowed). Once a user is removed from Azure AD, they will no longer be able to access their SecureDock account.

Optional SSO: SecureDock users will have the option to link existing accounts to their Microsoft Azure AD account or sign in with their SecureDock username and password.

Assumptions

  1. All new or existing SecureDock users have the correct company email address associated with their SecureDock account. (No personal email addresses or aliases can be used unless prior SSO connection has been made).
  2. All new or existing SecureDock users have only one (1) SecureDock account associated with their email address on file with Azure AD. (Multiple SecureDock accounts using the same email address will not be allowed, otherwise SSO connection will fail)

Linking a new or existing SecureDock accounts to Azure AD (Procedure)

Procedure for Company Implementation

  1. Company must request SSO configuration and provide SD with the following:
    • Company email domain (ex: secure-dock.com)
    • (Optional) Temporary email address for QA testing
    • Select Required or Optional SSO option for company (see company requirements above)

 

  1. SD will enable SSO for company account and will add the following the items to the existing company account configuration.
SSO provider name Azure AD
SSO provider email domain Ex: secure-dock.com
Required or Optional login with SSO {Company request}
  1. SD will test SSO configuration using temporary email account provided by client.

Procedure for Individual Users

  1. Go to the SecureDock login page by visiting: https://www.mysecuredock.com/m
  2. Click on the Login with Microsoft button at the bottom.
  3. Follow the instructions and enter existing Microsoft credentials to complete SSO connection.
    *If this is your first time logging in to the system, your Azure AD credentials will be used to create your new SecureDock account.
  4. Once connected and logged in, click on you Settings on the left.
  5. Under the client profile section, check to make sure the correct username and email address are listed and that the green “User linked to Azure AD SSO” is visible.

Troubleshooting SSO link issues:

If any above-mentioned assumptions are not met during initial account linking or registration, the following error message may appear. To complete SSO account link, user will need to contact their local system administrator or SecureDock support rep (support@secure-dock.com)

Single Sign On Login Error Screenshot