...
Go to the overview page.
Find “Manage application in local directory” and click on your application name. This takes you through to the application properties page.
On the left-hand bar, under Manage, click on Properties.
Scroll down to the property called “Assignment required?” and change it to “Yes”.
Click Save.
Click on Users and Groups on the side panel. Here we will assign the users we want to allow access to this SSO login.
Click “Add user/Group” and select the users we want to allow.
Select the users you want to allow and press “Select” at the bottom.
This should update the page with the users selected. Click “Assign” at the bottom.
You should now see the list of users allowed to use the application.
Any user not assigned to this list will not be allowed access to the SSO login. The platform will redirect them to Azure, but they will hit an error page and will have to return to the platform.
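The same restriction can be applied and verified with the Microsoft Graph PowerShell module instead of the portal. This is an added example, not part of the original guide: the application name and user addresses are placeholders, and it assumes the application defines no app roles of its own, so users are given the default access role.

```powershell
# Added example. Requires the Microsoft.Graph PowerShell module.
# $AppName and $AllowedUpns are placeholders (assumptions), not values from this guide.
$AppName     = 'Platform SSO'                               # hypothetical display name
$AllowedUpns = @('alice@example.com', 'bob@example.com')    # constructed sample users

Connect-MgGraph -Scopes 'Application.ReadWrite.All',
                        'AppRoleAssignment.ReadWrite.All',
                        'User.Read.All'

# The enterprise application (service principal) that backs the app registration.
$sp = Get-MgServicePrincipal -Filter "displayName eq '$AppName'"
if (@($sp).Count -ne 1) {
    throw "Expected exactly one service principal named '$AppName'."
}

# Portal equivalent: Properties > "Assignment required?" = Yes.
if (-not $sp.AppRoleAssignmentRequired) {
    Update-MgServicePrincipal -ServicePrincipalId $sp.Id -AppRoleAssignmentRequired:$true
}

# Default access role, valid only when the app defines no app roles (assumption).
$defaultRoleId = '00000000-0000-0000-0000-000000000000'

# Portal equivalent: Users and Groups > Add user/Group > Assign.
$existing = Get-MgServicePrincipalAppRoleAssignedTo -ServicePrincipalId $sp.Id -All
foreach ($upn in $AllowedUpns) {
    $user = Get-MgUser -UserId $upn
    if ($existing.PrincipalId -notcontains $user.Id) {
        New-MgServicePrincipalAppRoleAssignedTo -ServicePrincipalId $sp.Id -BodyParameter @{
            principalId = $user.Id
            resourceId  = $sp.Id
            appRoleId   = $defaultRoleId
        } | Out-Null
    }
}

# Verify: the flag is set and the assignment list holds only the expected principals.
# A Group entry grants access to every member of that group, so review those as well.
$final = Get-MgServicePrincipal -ServicePrincipalId $sp.Id
"Assignment required: $($final.AppRoleAssignmentRequired)"
Get-MgServicePrincipalAppRoleAssignedTo -ServicePrincipalId $sp.Id -All |
    Sort-Object PrincipalType, PrincipalDisplayName |
    Format-Table PrincipalDisplayName, PrincipalType, PrincipalId
```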
Troubleshooting
...
Logging into Platform
After setting up SSO, you will be able to sign in from the login page using SSO.
When clicking the “Login with SSO” button, the user will need to supply their email address. This is now case sensitive and needs to match the case of the email address in the user's profile. Clicking Next takes the user to the platform 2FA page. After completing 2FA, the user will be presented with SSO options, depending on the SSO that has been set up for the tenants that they are associated with.
Clicking on Azure will take the user to the respective directories. If they are successful, they will be redirected and logged into the platform. If not, they will see a screen letting them know what happened, or will be redirected back to the platform.
Restricting Users using SSO in Platform
...
Signing in with SSO allows access to all tenants the user is associated with.
Troubleshooting
When signing into Azure, if a user hits a page that says the application needs admin permission to sign in, then Azure doesn’t have the correct permissions. Sign into Azure, go to “API permissions” on the side bar and click on “Grant admin consent to {Company}”. This allows the app to read the user details and send them to the platform to read their email.