Note: To enable SSO for Microsoft Azure on Notify for your organisation, please contact Customer Success to discuss this.
What do Notify require to configure Single Sign On?
-
Your Organisation's Microsoft Azure Active Directory Tenant ID.
-
Depending on security restrictions, you may need to seek approval from your IT Admin to approve Notify to use your Azure Active Directory
-
Once your IT Admin has approved the app and Notify have enabled/configured the SSO setup, any user logging in for the first time will be prompted to give permission to Notify to use their Active Directory in order to authenticate and login to Notify.
Logging into Notify Cloud Web App using Sign in with Microsoft
On the first occasion of logging into Notify Cloud with SSO, the user will be asked to give their consent that they are happy to sign into Notify using their credentials by clicking Accept.
Frequently Asked Questions
Q1. Does Notify's Single Sign On solution support Multi-Factor Authentication?
Yes. 2Factor (2FA) or Multi-Factor Authentication (MFA) is something that is controlled on the user IDP (Identify Provider e.g. Microsoft Azure Active Directory). In this case if your Microsoft Azure Active Directory has been configured to enable 2FA/MFA, you will be prompted to authenticate upon logging in with Microsoft.
Q2. Once SSO is enabled and setup can I still login using my normal Notify credentials?
Yes. We made the decision to actively still support the ability to login to Notify Cloud using either your existing Notify Cloud login details or your unique Single Sign On username/password.
Q3. What happens if the we need more than one Azure Active Directory Tenant ID per account?
Notify Cloud supports multi Azure Active Directory Tenant ID to allow more than one tenant ID to be recorded against a single customer account.
Q4. Will all Notify users see the Sign in with Microsoft Button?
Yes all users will be able to see the Sign in with Microsoft button on Notify Cloud and Notify Audits & Inspections Mobile apps.
Q5. What happens if I have not been enabled and setup for SSO, but choose to Sign In with Microsoft?
You will be prompted to to pick your Microsoft account you wish to login to Active Directory, but as SSO is not enabled and your Active Directory Tenant ID is not recognised we will return the following “Unable to recognize your Azure Active Directory Tenant” message.
Q6. If I have already signed in with SSO to another application on my PC, what happens if I open Notify?
When you open Notify Cloud on a separate browser tab, upon clicking the Sign in with Microsoft button it will take you straight into the application without asking you to authenticate.
Q7. What happens if I’ve signed into Notify with SSO on a different tab on a browser and then subsequently close that tab but still have the browser open then reattempt to open Notify Cloud?
As long as you selected Yes to Stay Logged in, when closing down the Browser tab and then reopening a new Browser tab, and opening the Notify Cloud homepage - you will need to select Sign in with Microsoft button, this will open Notify without the need to reauthenticate your SSO login details.
Q8. What happens if I click Log Off from Notify when I’ve signed in with SSO?
If you are logged into Notify through the SSO process, choosing the Log Off button will take you down the route of signing out of your SSO login. Therefore, if you still have a different browser tab open and signed onto a different application, it’s best practice to simply close the Browser tab as opposed to logging out.
Q9. How can I check if Notify is an approved app to sign in to our Azure Active Directory?
You can view this here: https://myapplications.microsoft.com/
Please Note: You will need to be logged into an application on your web browser through single sign on. If you are not, you will be asked to login to Microsoft using your login details.
Q10. Does our Azure Active Directory control the permissions in Notify Cloud?
No. Our Single Sign On implementation only supports the ability to authenticate into Notify Cloud using SSO. The Notify Cloud application will control the permissions that are given to users.
Q11. What happens if a new person starts the customers business and needs to sign on to Notify Cloud using Single Sign On?
The user has to be setup in Notify Cloud by a user with access to User Management and then set up their relevant permissions.
Once the user is setup and opens the Notify Cloud login page, they will be able to click Sign in with Microsoft and login using the SSO credentials.
Q12. What happens if somebody leaves the business?
The ex-employee of that organisation will be switched off/disabled on the customers Active Directory, which will stop them being able to login to Notify using SSO.
Important: The user will then also need to be disabled in Notify Cloud by a user with access to User Management.
Q13. Does the Notify IM app support Single Sign On?
No, to use the IM app the Company Code is needed.