- Supported Identity Providers (IdP)
- Dashboard Setup
- Microsoft Azure Active Directory (AD) Setup
Supported Identity Providers (IdP)
|Microsoft Azure Active Directory (AD)|
Let us know what Identity Provider you would like to see!
Single Sign-On (SSO) is a more secure authentication and authorization feature that reduces the number of passwords your Organization Members need to create and maintain. IT departments are rightly concerned with re-used passwords stored across multiple 3rd party websites, tools, dashboards, portals, and other programs that employees need to perform their work. SSO allows employees to re-use their work login credentials hosted on your internal Identity Provider (IdP), for example, Microsoft Azure Active Directory (AD). All 3rd party logins in theory are consolidated into the single internally managed system, thus making 3rd party tools, portals, etc. more secure.
In order to start using SSO in the Awair Dashboard:
- Contact your Awair Sales or Customer Success representative OR fill out the waitlist form in the table above.
- Customer Success will add your company's domain(s) to your Awair Dashboard Organization.
- The domain(s) are checked during sign-up and sign-in in order to route your employees to your IdP.
- Note: two Awair Dashboard Organizations cannot share the same domain at this time.
- Proceed to the Awair Dashboard "SSO Credentials" page in the left-hand menu.
- Click "Enable SSO" and follow the prompts (see more details below).
SSO Credentials Page - Side Menu
Enable SSO Page
Choose Identity Provider
Client ID & Client Secret
Microsoft Azure Active Directory (AD) Setup
Register an application
OAuth 2 Redirect URI: https://awair.okta.com/oauth2/v1/authorize/callback
Copy and paste the URL above into the "Redirect URI (optional)" field (Note: this is REQUIRED, not optional).
Copy Client ID
Create Client Secret
Note: write yourself a reminder to create a new Client Secret based on the value you choose for "Expires" because you will need to rotate the Client Secret before this one expires. Otherwise, you will be locked out of the Awair Dashboard web and mobile app.
Copy Client Secret
Copy and paste the Client Secret into the SSO Configuration page of the Awair Dashboard. The Microsoft Azure AD interface will only show you the Client Secret one time, so if you forget to copy and paste it, you will need to create a new one.
Inviting Awair Dashboard Organization Members
Please refer to Awair Dashboard Organization Roles & Permissions for more detailed instructions on inviting and managing Organization Members in the Awair Dashboard.
Invited Members MUST:
- be registered in your IdP
- invited via the Awair Dashboard web portal
- have an email with your supported IdP domain that Awair Customer Success has also added to your Awair Dashboard Organization (see: Introduction - Point #2)