Set up SSO with Azure

Prepr offers two ways to log in: by submitting an email address with a password, and via Single Sign-On. Single sign-on (or SSO) is a way to authenticate and log in to an application with just one set of credentials, rather than having to set up multiple usernames and passwords across different platforms. It's a more secure process and prevents potentially losing or forgetting log-in credentials since it's stored through another service.

You can integrate with Microsoft Azure Active Directory (AD) if you want to let users sign-in from within your company use Azure AD controlled by you or your organization.

An additional agreement for Prepr is required to enable the Azure AD app.

Azure AD Set-up

To sign in with Single Sign-On via Azure Active Directory, there are a few steps to integrate Azure Active Directory (AD).

Register your app with Azure AD

To create an Azure AD app, follow the steps below:

1. Sign in at portal.azure.com

2. In the Hamburger Menu, click on Azure Active Directory

3. Select App registrations from the menu on the left

4. Click 'New registration'

5. Enter 'Prepr SSO' as the name for the new app

6. Select 'Accounts in this organizational directory only'

7. Redirect URI select 'Web' from the list and enter https://sso.prepr.io/azure/callback

Register your app with Azure AD

8. Click 'Register'

9. If the app is registered successfully, the app's overview page will be displayed

10. Click 'Certificates & secrets' in the menu on the left

11. Click 'New client secret' enter 'Prepr SSO' as the name, and select 'Expire in 24 months'

12. Click "Add" and copy the "Secret Value" (you can only see this once, so copy this to a save place for now.)

Register your app with Azure AD

13. Click back to 'Overview' in the menu on the left

14. Copy the 'Application (client) ID', and the 'Directory (tenant) ID'

15. Click "Authentication" in the menu on the left

16. Enter https://sso.prepr.io/azure/{application_client_id}/sign-out and replace {application_client_id} with the Application (client) ID retreived earlier, and click 'Save'

Register your app with Azure AD

Provide App credentials

After you created the Azure app, please provide Prepr Support with the following details:

  • App ID
  • Secret value
  • Tenant ID

Info

After this setup, please give us a call, so we can finish your integration together.

Sign in with Azure

Once your Prepr account has an Azure integration, you can use the Single Sign-On button (SSO) on your sign-in screen. When you log in for the first time, you'll receive the default role, set up by your Prepr admin. If you already have an account with that email address, this account will be merged and it will be recognized that you are an Azure user.

The next time you want to log in, click on 'Log in with SSO'. You will be recognized as an Azure user. If so, then you will just end up in Prepr.

Sign in with SSO

Once you are an SSO user, it is not further possible to log in with the email / password combination.

Sign in with SSO

Each user who has signed in via SSO, can be recognized in the user list with an 'SSO' label. You can also filter all users with this 'SSO' label by selecting SSO > Has in the user list filters.

Sign in with SSO