All Collections
Features & How-Tos
Setting up Microsoft login (Azure AD) SSO with Viima
Setting up Microsoft login (Azure AD) SSO with Viima

Microsoft login (previously known as Office 365 login), is the most common enterprise SSO method used by Viima's customers.

Updated over a week ago

Prerequisites

  • Active Microsoft 365 subscription

    • User with Admin access rights to Microsoft 365

  • Active Viima subscription

    • User with board admin rights to Viima

Overview

  1. Background on the integration

  2. Activating Azure AD for your Office 365 subscription

  3. Configuring Viima

Background on the integration

Viima supports the use of Azure AD as an Identity Provider, which lets you use Microsoft accounts for identifying users and letting them log right in without having to create a new set of credentials. This improves both user experience and security.

With this integration, the user rights within Viima can be managed in Viima's administration portal for each board separately. This integration also allows customers to support SSO from multiple sources and not just one Azure AD instance, for example to support a combination of internal and external users.

Access to Viima can naturally be managed within Azure AD. For example, should you wish so, you can also use configure conditional access rights to limit access within your organization to e.g. certain user groups or IP addresses. Naturally, whenever an employee leaves and their user account is disabled/removed from Azure AD, they will no longer be able to access the given Viima instance.

This integration uses the OAuth 2.0 flow in Azure AD. If you’re not already familiar with OAuth2.0 or the Azure AD implementation of it, you can read more from the official documentation on MSDN.

If your organization has previously configured Azure AD to prevent or limit access to external apps, which most choose to do, you might need to add Viima manually as an "enterprise application" within the Azure AD admin center. This requires admin permissions. For more details, please see this article.

Activating Azure AD

All active and paid Microsoft 365 subscriptions also include a complimentary subscription to Azure AD. If you’re already using Azure AD with your organization, you can skip this step. If you haven’t yet enabled Azure AD, Microsoft offers these excellent illustrated instructions for getting started.

Configuring Viima

To be able to complete the following steps, you’ll need to have an admin user for the desired Viima instance. Please contact your Viima super user for access if you don’t already have an account.

If you already know your board name, the easiest way to get to access rights is through the following URL:

https://app.viima.com/admin/organization-name/board-name/#settings/access

If you do this, proceed directly to Step 3. Otherwise, start from Step 1.

Step 1:

On your Viima admin account, go to "Settings" in the admin portal of your board.

Step 2:

Go to the "Access rights" sub-section.

Step 3:

Go to the "Login settings" panel.

Step 4:

Make sure “Require login” is enabled (it is by default) unless you want your Viima instance to be publicly available. Choose "Microsoft (Azure AD)" from the login options.


P.S. This guide only covers Microsoft (Azure AD). For more information on other login options, read this guide.

All users in your Azure AD Directory should now be able to log in to Viima with their Azure AD accounts. Depending on your settings, each user might also have to let the application access their profile data via the oAuth 2.0 consent flow unless you grant consent on their behalf via the Azure AD admin center.

Azure AD office 365 Pic 2.png

In case you’re having trouble with the setup, please see this guide, or contact our support.


Don't forget to save your changes!

Green "Save" buttons can be found on all pages where changes can be made. Clicking this activates those changes.


Did this answer your question?