- Knowledge Base
- Integrations
- Azure SSO
-
Latest Release Notes
-
Getting Started
-
My Portal
-
Time & Attendance Configurations
-
Timesheets
-
Schedule Configurations
-
Schedules
-
Human Resources
-
Time Off Configurations
-
Time Off
-
Reports/Exports
-
Employee Management
-
Integrations
-
Platform Configurations
-
Time Clocks & Kiosk
-
Mobile App
-
Job Costing
-
Dashboard
-
Pay Period
-
Left Nav
-
Groups
-
Notification Preferences
-
Time and Attendance
-
New Left Nav & Global Settings
-
User Access
How to Integrate Azure AD SSO with the WorkEasy Platform
- Refer to Integration of Azure SSO Customers with WorkEasy Software
- Ensure that the customer has an Azure and tenant subscription.
- Refer to the Microsoft tutorial to register the application in the Azure Entra ID.
Register WorkEasy in Azure Entra ID
- Sign in to https://portal.azure.com/.
- Select Azure Active Directory on the left sidebar.
- Go to App registrations and click New registration.
- Enter a name for the registered application that reflects its purpose.
- Under Supported account types > Who can use this application or access this API?, select the third option Accounts in any organizational directory (Any Microsoft Entra ID tenant - Multitenant) and personal Microsoft accounts (e.g. Skype, Xbox).
- Use the following Redirect URI:
<IdentityServer BaseUrl>/federation/AzureAD.<CompanyCode>/signin
For example, if the customer company code is dm_eddy, the Redirect URI will be:
https://accounts.workeasysoftware.com/federation/AzureAD.dm_eddy/signin
The customer company code is dm_eddy.
Note:
- Although multiple Redirect URIs can be added, only the first one is utilized.
- Changes may take 3–5 minutes to take effect. - Go to Manage > Authentication > Implicit grant and hybrid flows section, and select ID tokens (used for implicit and hybrid flows).
- Create a client secret by going to Manage > Certificates & secret > Client secrets, click + New client secret to generate a new client secret.
- Enter a Description and select an expiration date (default is 6 months). Copy the newly created secret and store it securely for later use.
- Ensure that each user's email property in WorkEasy matches their Azure identity. Go to Home > Overview > Properties, as seen here.
- Go to the Overview section and copy the Application (client) ID and the Directory (tenant) ID.
- Send the following information to WorkEasy Software to register the application :
- CompanyCode: Company Code in WorkEasy Software
- AD_TenantId: Directory (tenant) ID
- AD_ClientId: Application (client) ID
- AD_ClientSecret: EWF IdentityServer Secret Value from Step 5.
- After registering the application for SSO, perform a test by logging in to the IdentityServer using the customer-specific URL for Azure AD:
https://accounts.workeasysoftware.com/Account/login?urltoken=<CompanyCode>
You're done! 🙂👍