Set up single sign-on (SSO)

Modified on Wed, 28 Aug at 10:30 AM

Introduction

Multi-factor authentication is required for Government-connected software. It enhances security by requiring a second form of verification alongside your password.  

If you have Microsoft accounts already secured with multi-factor authentication, your organisation can opt for single sign-on via Microsoft Azure B2C as an alternative to Authenticator App logins.

Step 1: Register an Application

  1. Within Microsoft Azure AD, go to App registrations and click New registration.


  2. Create the application by completing the registration application page. You can name the application as you wish. The redirect URL is:

Step 2: Add a Logout URL and select flow options

  1. Go to Manage > Authentication and add the following logout URL:
  2. Under Implicit and hybrid flows, click the tick boxes for: 
    • Access tokens (used for implicit flows); and 
    • ID tokens (used for implicit and hybrid flows)

Step 3: Add a Scope

  1. Go to Expose an API.
  2. Set the Application ID URI as your client ID.
  3. Click Add a scope and fill in the required information.

Note: Scopes in the Microsoft identity platform are permissions for a given resource that represent what an application (e.g. TaxLab) can access on behalf of the user (e.g. email, family_name, given_name).

What you name the scope is up to you. Adding it for TaxLab allows the application to get the information required for user login.

Example:

  • Scope name: user_impersonation
  • Admin consent display name: Access TaxLab application.
  • Admin consent description: Allow the application to access TaxLab on behalf of the signed in user.
  • User consent display name: Access TaxLab application.
  • User consent description: Allow the application to access TaxLab on your behalf.

Step 4: Add optional claims

Under Token Configuration, click the check box next to each of the following to add optional claims:

  • email
  • family_name
  • given_name

Step 5: Open the Endpoints in Azure AD

  1. Go to Overview, click Endpoints, and locate the OpenID Connect metadata document, which ends in /.well-known/openid-configuration.
  2. Copy the client ID.

Step 6: Contact TaxLab Support

Please contact support@taxlab.online to discuss options for you to securely provide us with the following information to complete the connection:


  1. OpenID Connect metadata document;
  2. client ID.
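Before sending these two values, the configuration from Steps 4 and 5 can be sanity-checked locally. The following is an added example, not part of the original article or TaxLab's own code: the function names, the placeholder tenant and client GUIDs, and the tenant-specific v2.0 issuer format are assumptions made for illustration.

```python
import base64
import json
from urllib.parse import urlparse

REQUIRED_CLAIMS = ("email", "family_name", "given_name")  # optional claims from Step 4
METADATA_SUFFIX = "/.well-known/openid-configuration"     # suffix named in Step 5

def check_metadata(url, doc):
    """Return problems found in the metadata URL and its parsed JSON document."""
    problems = []
    if urlparse(url).scheme != "https" or not url.endswith(METADATA_SUFFIX):
        problems.append("metadata URL must be https and end in " + METADATA_SUFFIX)
    for key in ("issuer", "authorization_endpoint", "jwks_uri"):
        if urlparse(str(doc.get(key, ""))).scheme != "https":
            problems.append(f"{key} missing or not https")
    if "id_token" not in " ".join(doc.get("response_types_supported", [])):
        problems.append("id_token response type not advertised")
    return problems

def decode_claims(jwt):
    """Decode a JWT payload for inspection; the signature is NOT verified here."""
    payload = jwt.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))

def check_id_token(jwt, client_id, issuer):
    """Return problems with the claims a relying party needs from the ID token."""
    claims = decode_claims(jwt)
    problems = [f"missing claim: {c}" for c in REQUIRED_CLAIMS if not claims.get(c)]
    aud = claims.get("aud")
    if client_id not in (aud if isinstance(aud, list) else [aud]):
        problems.append("aud does not match client ID")
    if claims.get("iss") != issuer:
        problems.append("iss does not match metadata issuer")
    return problems

def make_sample_jwt(claims):
    """Build a constructed sample token (dummy signature) so the demo runs offline."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'RS256', 'typ': 'JWT'})}.{enc(claims)}.c2ln"

# Constructed placeholder values, not real tenant or client identifiers.
TENANT = "00000000-0000-0000-0000-000000000000"
CLIENT_ID = "11111111-1111-1111-1111-111111111111"
ISSUER = f"https://login.microsoftonline.com/{TENANT}/v2.0"
SAMPLE_URL = ISSUER + METADATA_SUFFIX
SAMPLE_DOC = {"issuer": ISSUER, "response_types_supported": ["code", "id_token"],
              "authorization_endpoint": ISSUER.replace("/v2.0", "/oauth2/v2.0/authorize"),
              "jwks_uri": ISSUER.replace("/v2.0", "/discovery/v2.0/keys")}
```

An empty list from both checks means the metadata document and the token claims match what Steps 4 and 5 configure; trusting a token's claims in production still requires verifying its signature against the keys published at jwks_uri.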
