This article provides a detailed guide on the steps required to set up SmartTrace Azure Single Sign-On (SSO).
Prerequisites:
- You must have administrative access to Microsoft Office 365, specifically you will need permissions to add an Enterprise Application to Microsoft Entra Admin Center (Formerly known as Azure Active Directory)
- A custom SmartTrace URL (i.e. https://myfacility.smarttrace.ai) (Contact SmartTrace customer service to set this up)
Steps to Configure:
- Navigate to Microsoft Entra Admin Center https://entra.microsoft.com/ (Formerly known as Azure Active Directory)
- Click Applications > App registrations > New Registration
- Enter "SmartTrace SSO" for the Name
- Select "Accounts in this organizational directory only"
- Select "Web" for the redirect URI and enter "https://api.smarttrace.ai/v1/auth/callback/azure/myfacility".
- Replace "myfacility" with the first part of your custom url. For example, if your custom SmartTrace url was https://ehtgroup.smarttrace.ai, enter "https://api.smarttrace.ai/v1/auth/callback/azure/ehtgroup"
- Click "Register"
3. Click Applications > Enterprise applications > All Applications
a. Search for "smarttrace" and click the SmartTrace SSO app you created in step
4. Click "Users and groups" > "Add user/group"
-
- You can add users on the basic subscription for Office 365, to add groups you must upgrade your Active Directory plan level.
- Add the users / groups whom you wish to be able to log into SmartTrace using their Microsoft Office 365 account
5. Navigate back to the SmartTrace SSO App registration
6. On the Authentication tab, select Access Tokens and ID tokens, then click Save at the bottom
7. On the Certificates & secrets tab, add a new client secret:
a. Name can be "OAuthSecret"
b. Choose an expiry date (remember to reissue the secret before it expires!)
c. Add the new secret
d. Copy the secret value and store it somewhere secure - you only get to see it once.
e. Copy the secret ID
8. Next, you'll need to configure the integration on the SmartTrace side. Log into SmartTrace as a facility administrator, and navigate to the integrations page:
9. Click the "Add Integration" button, and select "Azure". Click the pencil icon on the newly created Azure Active Directory integration:
10. Enter the client secret (which you took note of in step 7) and the application id, which can be found here:
That's it! Now access SmartTrace using your facility's URL, and you should see the sign-in with Azure button.
Congratulations you know now how to Set up SmartTrace Azure SSO! Checkout our other knowledgebase article for more recourses and guides.