Ultimo Developer
  • Welcome
  • Getting started
    • Introduction
    • Software editions
  • API guide
    • REST
      • Requesting data
      • Inserting data
      • Inserting data in batch
      • File uploads
      • Query options
      • Special characters
      • Testing REST
      • Additional security
      • Limits and Quotas
    • HTTP POST
      • Overview of a POST request
      • Requesting data
      • Inserting data
      • Testing HTTP POST
      • Additional security
    • SOAP
      • Overview of a POST request
      • Requesting data
      • Inserting data
      • Testing SOAP
      • Additional security
    • Third party integration
    • Error handling
  • CONNECTORS
    • BI Platform
      • Create database user
      • Connect to the database
      • Expiring passwords
    • Exchange Online
      • Email import
      • Custom SMTP
    • LDAP
      • LDAP connector
      • Cloud vs On Premises
    • SCIM
    • OCI
    • Universal Print
      • Prerequisites & limitations
      • How to setup
  • API key Templates
    • Introduction
    • Master data
      • Cost centers
      • Departments
      • Employees
      • Service contracts
      • Suppliers
    • Assets
      • Technical Service
      • Medical Assets
      • Fleet objects
      • Infra objects
      • IT Configuration-Items
    • Jobs
      • Technical Service jobs
      • Medical jobs
      • Fleet jobs
      • Infra jobs
      • IT-incidents
      • Attach or change images
    • Article
      • Create articles
      • Create article supplier
    • IoT
      • REST
      • HTTP POST
      • SOAP
    • Reservations
      • Create reservation
      • Update reservation
      • Cancel reservation
      • Get reservations
    • Track & Trace
  • Database
    • BI overview
      • BI functions
      • BI views
  • Azure documentation
    • Terms & Conditions
    • Azure migration
      • Export alternatives
      • Import alternatives
      • LDAP
    • Setup standard Single Sign On with MS Entra ID
    • Azure Authentication
    • Azure IP addresses
    • Azure AD SCIM provisioning
  • Have a question?
    • Ask on our Customer Portal
    • Contact Customer Support
Powered by GitBook
On this page
  • Enable standard SSO with MS Entra Id
  • Reset/invite users
  • Activation link
  • Provisioning
  1. Azure documentation

Setup standard Single Sign On with MS Entra ID

This page describes how to enabled standard SSO without implementation and attention points regarding user management.

PreviousLDAPNextAzure Authentication

Last updated 20 days ago

Enable standard SSO with MS Entra Id

In the environment, in the Ultimo Configuration Tool, go to the AET on "application" level. Search for "Microsoft." Enable "Allow Microsoft Authentication."

When enabled, on the login page a new button will appear to login with Microsoft.

Only active user accounts that receive an activation link can actually login using this new button

Reset/invite users

All existing users log in with a different method. Either 'forms' or 'custom SSO'. To let them login with this new method you can reset the login method in the user manager. This can be done per user or via multiple select in a batch. Use optional filtering to determine the correct selection.

All activated users will receive an activation link. It is possible to reset inactive users but they wont receive an activation link.

If the link has expired, you can send a new invite by clicking the envelope icon in the user manager.

Activation link

The user shares the account information with the Ultimo app when using the activation link, as shown in the dialog below. Our app is verified by Microsoft and is a trusted app.

In some organisations, the app needs to be approved by the IT department.

Once the user links his organisation account with Ultimo, the activation step is finished, and from now on, the user can log in using the login button on the login page.

Authentication is done at your organisation's identity provider. When enabled, multi-factor authentication is applied.

Provisioning

Our standard SSO method is only applicable when using MS Entra ID. It is pure authentication. Although it is possible to maintain users manually, we advise to have user provisioning in place.

SCIM
Example of enabled setting
Example of the user manager with the reset button pressed
Example of the activation email
Premission requested by IFS Ultimo app