Integrating with Azure Active Directory
Kutamo can be integrated with Microsoft Azure Active Directory, allowing you to sign into Kutamo with your existing organizational credentials. These are credentials typically configured in your organization's "Active Directory".
Azure Active Directory lets your company integrate with many other services aside from Kutamo, including Office 365, Salesforce and DropBox, and saves you having to log into each service individually.
Who is this document for?
This document is very technical in nature, and is specifically written for IT professionals who look after a company or organization's Azure Active Directory and Office 365 accounts.
What's Involved In Configuring Azure Active Directory
There are three main steps that must be followed in order to configure the integration of Azure Active Directory and Kutamo.
- Create an Azure AD Application
- Configure your Azure AD Application within Kutamo
- Notify your Organizational Users
Once this has been completed, your Organizational users will be able to use Kutamo with their local credentials.
Create an Azure AD Application
The first step to create your first Azure Active Directory Application is to visit the Microsoft Application Registration Portal.
https://apps.dev.microsoft.com/
Firstly enter a name for your application, such as "Kutamo", and an email address that Microsoft can send notifications to.
Next, select the type of application you'll be connecting to. In this instance, Kutamo is a "Single Page App" / "Javascript SPA".
Once created, you will be provided an Application ID, shown below in the orange box. Make a note of this, as you will need to enter this into the Kutamo site shortly.
At this point, you should also enter the Login page URLs for Kutamo, listed below.
https://www.kutamo.com/account/login_aad
You will also need to configure what user information is presented to Kutamo. This is configured in the Microsoft Graph Permissions section of the same page.
Finally, the Application Manfiest needs a slight adjustment - simply update the line
"oauth2AllowImplicitFlow": false,
to
"oauth2AllowImplicitFlow": true,
Once all these steps are completed, don't forget to click Save!
Configure your Azure AD Application within Kutamo
Once you have configured your Azure AD Application on the Microsoft Portal, you can now configure this in Kutamo.
Simply navigate to your Account page, follow the link to Advanced Options, and then select the Active Directory tab on the properties page. Or click the link below.
https://www.kutamo.com/ProfileAccountAdvanced
To configure the integration, simply complete the form.
Field |
Description |
Mandatory |
Azure AD Application ID |
Enter the Application ID from above (it is different for every Organization, so make sure you kept a record of it)< |
Yes |
Kutamo Login Code |
Enter a simple code that represents your company. This can be your company name, but must be just an alphanumeric identifier. This code is appended to a login URL for your users such as:
https://www.kutamo.com/login/mycompany
|
Yes |
Note to your Users |
This allows you enter a personalized comment to your users that appears on the login page. It is useful to remind users that they are logging into Kutamo using your organization credentials, as some users may not know who Kutamo is. |
No |
Notify your Organizational Users
Your users can now log into Kutamo without having to register their details, as you are now successfully integrated with Azure AD.
Users can simply visit the custom login link that is shown on your Azure AD link page. It will be in the format below:
https://www.kutamo.com/login/mycompany
In the link above mycompany is the Kutamo Login Code specified above.
User Permissions
Depending on your User's settings, they may be asked for permission to share their details with Kutamo. They will see a popup window from Microsoft requesting this, similar to those below.
Users need select Yes or Accept in order to be able to log into Kutamo.
Kutamo only retrieves the following information from your Users:
- Full Name
- Email Address
- Title
- User Avatar or Image
Troubleshooting
Popup Windows
The most common issue with Azure Active Directory integration is the requirement for browser pop-up windows by Microsoft.
Browser |
Instructions |
Google Chrome |
Go to Settings / Advanced / Privacy and Security / Content Settings and add https://www.kutamo.com/ to the list of allowed sites. |
Mozilla Firefox |
Go to Options / Content / Pop-Ups / Exceptions, and add https://www.kutamo.com/ to the list of allowed sites. |
Microsoft Edge |
Go to Settings / Advanced and disable popup blocking. |
Azure AD Delays
From time to time, creating a new Application ID in Azure ID will take a few minutes to propagate through Microsoft's infrastructure. If you receive a message saying the ID was invalid, wait a few minutes and try again.