Integrating Microsoft Office 365 and Azure with the Witco platform is essential for effectively managing your workspaces.
Azure allows users to log in to the application with their Microsoft 365 account and synchronize their data between the Witco platform, Microsoft Teams, and Outlook.
This article provides a comprehensive guide on integrating users and rooms via Office 365 and Azure, detailing each step and specifying the technical requirements necessary for a successful implementation.
Single Sign-On (SSO) is an authentication mechanism that allows a user to log in once to access multiple applications or services without having to enter their credentials each time they access a new application.
Regarding Witco, Microsoft Azure enables you to use a single identifier to access our platform.
Initial Azure Account Configuration
To synchronize users and enable SSO (Single Sign-On) between Office 365 and Witco, it is essential to correctly configure your Azure account.
Creating the Azure Application
- Accessing the Azure Portal
  - Log in to the Azure portal.
  - Navigate to the App registrations section.
- Application Registration
  - Click New registration to display the registration form.
  - In the Name field, enter the name of the application.
  - In the Supported account types field, select "Accounts in this organizational directory only".
- Retrieving the Identifiers
  - Once the application is created, go to the Overview section.
  - Retrieve the Application ID and Directory ID.
These identifiers will be necessary for configuration in Witco.
Web Authentication Configuration
Go to the Manage → Authentication section:
- Setting Up Redirect URIs
  Configure specific redirect URIs for each environment (production, preproduction, development, local), following the format in the table below:

  | Environment | Redirect URI Format |
  | --- | --- |
  | Production | https://CLIENT_SUBDOMAIN.witco.app/auth/external/validate |
  | Preprod | https://CLIENT_SUBDOMAIN.preprod.witco.app/auth/external/validate |
  | Development | https://CLIENT_SUBDOMAIN.develop.witco.app/auth/external/validate |
  | Local | http://localhost:4200/auth/external/validate |

- Setting Up Logout URLs
  Configure specific logout URLs for each environment (production, preproduction, development, local), following the format in the table below:

  | Environment | Logout URL Format |
  | --- | --- |
  | Production | https://CLIENT_SUBDOMAIN.witco.app/auth/external/logout |
  | Preprod | https://CLIENT_SUBDOMAIN.preprod.witco.app/auth/external/logout |
  | Development | https://CLIENT_SUBDOMAIN.develop.witco.app/auth/external/logout |
  | Local | https://localhost:4200/auth/external/logout |

  - It is mandatory to create a configuration for the local environment. Without this environment, we cannot guarantee that all features will be fully tested.
  - The domain name (the CLIENT_SUBDOMAIN part in the tables above) will be provided to you by Witco. Contact us for more information.
- Setting Up Authentication in Your Application
  - Go to the application you created.
  - In the Manage → Authentication section, click on Add a platform.
  - In the Configure platforms → Web applications section, choose Single-page application.
  - The Redirect URIs and Front-channel logout URL fields will appear.
  - Enter the redirect URIs and logout URLs you obtained earlier.
Mobile Authentication Configuration
- Setup for Mobile Applications
  Similar to web authentication, configure a redirect URI for mobile applications.
  The URI for the four types of environments (production, preprod, development, and local) is http://localhost:30662.
- Setting Up Authentication in Your Application
  - Go to the application you created.
  - In the Manage → Authentication section, click on Add a platform.
  - In the Configure platforms → Web applications section, choose Web.
  - The Redirect URIs field will appear.
  - Enter the redirect URI.
User Synchronization
Creating the Client Secret
- Go to the application you created.
- In the Manage → Certificates & secrets → Client secrets section of your Azure application, click on New client secret.
- In the Add a client secret section:
  - Enter a description.
  - Choose the expiration duration for the client secret (1 year, 2 years, or never).
  - Click Add to validate the creation.
- Note the Client secret, which will be used for configuration in Witco.
Assigning and Activating Permissions
- Go to the Manage → API permissions section.
- Click Add a permission.
- In the Request API permissions → Select an API window, click Microsoft Graph.
- In the Select permissions section, type User.Read.All in the text field.
- In the Select permissions → Permission → User section, check the User.Read.All box.
- (Optional) If you manage groups, also add Group.Read.All in the same way.
- Activating Permissions
  - The new permissions will have an alert ("Not granted permission").
  - Use an administrator account to grant and activate the permissions.
Data to Provide to Witco
Once the configurations are completed, it is crucial to provide the information below to the Witco team to finalize the integration:
- Azure Application Identifiers
  Provide the following:
  - Application ID
  - Directory ID
  - Client secret
  - Client secret expiration date
Contact us as soon as possible if you change any of these elements. Otherwise, your integration may stop working.
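Before sending these values, the registration can be compared with the settings in this guide. The Python below is an added example, not code from Witco or Microsoft: it assumes the app registration was exported as JSON (for instance with `az ad app show --id <Application ID>`) using the Microsoft Graph application field names, and the `acme` subdomain and all sample values are constructed.

```python
from datetime import datetime, timezone

HOSTS = ("{s}.witco.app", "{s}.preprod.witco.app", "{s}.develop.witco.app")
PATHS = {"redirect": "/auth/external/validate", "logout": "/auth/external/logout"}
MOBILE_REDIRECT = "http://localhost:30662"

def expected(subdomain, kind):
    """URIs from the guide's tables for one CLIENT_SUBDOMAIN value."""
    uris = {f"https://{h.format(s=subdomain)}{PATHS[kind]}" for h in HOSTS}
    scheme = "http" if kind == "redirect" else "https"  # local rows, as the tables list them
    return uris | {f"{scheme}://localhost:4200{PATHS[kind]}"}

def audit(app, subdomain, now, warn_days=30):
    """Compare an application object (dict) with the guide; return sorted findings.
    Assumes whole-second UTC expiry timestamps such as 2025-01-11T00:00:00Z."""
    out = []
    if app.get("signInAudience") != "AzureADMyOrg":  # "this organizational directory only"
        out.append(f"audience: {app.get('signInAudience')} is not single-tenant")
    spa = set(app.get("spa", {}).get("redirectUris", []))
    want = expected(subdomain, "redirect")
    # Redirect URIs are compared exactly, so a trailing slash or extra host is a finding.
    out += [f"spa: unexpected redirect URI {u}" for u in spa - want]
    out += [f"spa: missing redirect URI {u}" for u in want - spa]
    web = app.get("web", {})
    if set(web.get("redirectUris", [])) != {MOBILE_REDIRECT}:
        out.append("web: redirect URIs differ from " + MOBILE_REDIRECT)
    if web.get("logoutUrl") not in expected(subdomain, "logout"):
        out.append(f"logout: unexpected front-channel URL {web.get('logoutUrl')}")
    for c in app.get("passwordCredentials", []):
        end = datetime.fromisoformat(c["endDateTime"].replace("Z", "+00:00"))
        if (end - now).days < warn_days:
            out.append(f"secret {c.get('displayName')}: {(end - now).days} days to expiry")
    return sorted(out)

# Constructed sample: multi-tenant audience, stray redirect URI, no local URI, secret near expiry.
SAMPLE = {
    "signInAudience": "AzureADMultipleOrgs",
    "spa": {"redirectUris": [
        "https://acme.witco.app/auth/external/validate",
        "https://acme.preprod.witco.app/auth/external/validate",
        "https://acme.develop.witco.app/auth/external/validate",
        "https://acme.witco.app/auth/external/validate/"]},
    "web": {"redirectUris": ["http://localhost:30662"],
            "logoutUrl": "https://acme.witco.app/auth/external/logout"},
    "passwordCredentials": [{"displayName": "witco-sync",
                             "endDateTime": "2025-01-11T00:00:00Z"}],
}

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE, "acme", datetime.now(timezone.utc))))
```

An empty result means the registration matches the redirect, logout, audience and secret-lifetime settings described above; the 30-day warning window is an arbitrary default.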
User Import
Determine whether all users should be imported from your Active Directory (AD) or only specific groups. For each group, provide the group ID and name.
User Fields to Import
Specify the fields to import and display in Witco, such as name, first name, phone number (landline and/or mobile), job title, department, office, etc. Also, provide the corresponding AD field names.
Testing and Validation
Test Users
Share with Witco test users, real or fictitious, to validate the import, synchronization, and logins across all environments.
Provide the name, email address, and password for each test user.
Integrating Microsoft 365 with the Witco platform is a complex but essential process for smart office management. By following the detailed steps above, your company will be able to not only synchronize users effectively but also benefit from seamless workspace management.
You can then prepare to integrate your rooms with the Witco platform. To learn more, see the page Integrating Microsoft 365 and Azure Integration With Witco: Room Integration.
Make sure to maintain regular communication with the Witco team to keep the integration up-to-date and functional.