Prerequisites
Active Microsoft 365 subscription
User with Admin access rights to Microsoft 365
Active Viima subscription
User with board admin rights to Viima
Overview
Background on the integration
Activating Azure AD for your Office 365 subscription
Configuring Viima
Background on the integration
Viima supports the use of Azure AD as an Identity Provider, which lets you use Microsoft accounts for identifying users and letting them log right in without having to create a new set of credentials. This improves both user experience and security.
With this integration, the user rights within Viima can be managed in Viima's administration portal for each board separately. This integration also allows customers to support SSO from multiple sources and not just one Azure AD instance, for example to support a combination of internal and external users.
Access to Viima can naturally be managed within Azure AD. For example, should you wish so, you can also use configure conditional access rights to limit access within your organization to e.g. certain user groups or IP addresses. Naturally, whenever an employee leaves and their user account is disabled/removed from Azure AD, they will no longer be able to access the given Viima instance.
This integration uses the OAuth 2.0 flow in Azure AD. If you’re not already familiar with OAuth2.0 or the Azure AD implementation of it, you can read more from the official documentation on MSDN.
If your organization has previously configured Azure AD to prevent or limit access to external apps, which most choose to do, you might need to add Viima manually as an "enterprise application" within the Azure AD admin center. This requires admin permissions. For more details, please see this article.
Activating Azure AD
All active and paid Microsoft 365 subscriptions also include a complimentary subscription to Azure AD. If you’re already using Azure AD with your organization, you can skip this step. If you haven’t yet enabled Azure AD, Microsoft offers these excellent illustrated instructions for getting started.
Configuring Viima
To be able to complete the following steps, you’ll need to have an admin user for the desired Viima instance. Please contact your Viima super user for access if you don’t already have an account.
If you already know your board name, the easiest way to get to access rights is through the following URL:
https://app.viima.com/admin/organization-name/board-name/#settings/access
If you do this, proceed directly to Step 3. Otherwise, start from Step 1.
Step 1:
On your Viima admin account, go to "Settings" in the admin portal of your board.
Step 2:
Go to the "Access rights" sub-section.
Step 3:
Go to the "Login settings" panel.
Step 4:
Make sure “Require login” is enabled (it is by default) unless you want your Viima instance to be publicly available. Choose "Microsoft (Azure AD)" from the login options.
P.S. This guide only covers Microsoft (Azure AD). For more information on other login options, read this guide.
All users in your Azure AD Directory should now be able to log in to Viima with their Azure AD accounts. Depending on your settings, each user might also have to let the application access their profile data via the oAuth 2.0 consent flow unless you grant consent on their behalf via the Azure AD admin center.
In case you’re having trouble with the setup, please see this guide, or contact our support.
Don't forget to save your changes!
Green "Save" buttons can be found on all pages where changes can be made. Clicking this activates those changes.