Integrating Microsoft 365 and Azure with Witco: User Login and Synchronization

Support Witco
Introduction

Integrating Microsoft Office 365 and Azure with the Witco platform is essential for effectively managing your workspaces.

Azure allows users to log in to the application with their Microsoft 365 account and synchronize their data between the Witco platform, Microsoft Teams, and Outlook.

This article provides a comprehensive guide on integrating users and rooms via Office 365 and Azure, detailing each step and specifying the technical requirements necessary for a successful implementation.

Reminders and Definitions

Single Sign-On (SSO) is an authentication mechanism that allows a user to log in once to access multiple applications or services without having to enter their credentials each time they access a new application.

For Witco, Microsoft Azure enables you to use a single identifier to access our platform.

Initial Azure Account Configuration

To synchronize users and enable SSO (Single Sign-On) between Office 365 and Witco, it is essential to correctly configure your Azure account.

Creating the Azure Application

  • Accessing the Azure Portal

    1. Log in to the Azure portal.
    2. Navigate to the App registrations section.
  • Application Registration

    1. Click New registration to display the registration form.
    2. In the Name field, enter the name of the application.
    3. In the Supported account types field, select "Accounts in this organizational directory only".
  • Retrieving the Identifiers

    1. Once the application is created, go to the Overview section.
    2. Retrieve the Application ID and Directory ID.
      These identifiers will be necessary for configuration in Witco.

Web Authentication Configuration

Go to the Manage → Authentication section.

  • Setting Up Redirect URIs
    Configure specific redirect URIs for each environment (production, preproduction, development, local), following the format in the table below:

    Environment    Redirect URI Format
    Production     https://CLIENT_SUBDOMAIN.witco.app/auth/external/validate
    Preprod        https://CLIENT_SUBDOMAIN.preprod.witco.app/auth/external/validate
    Development    https://CLIENT_SUBDOMAIN.develop.witco.app/auth/external/validate
    Local          http://localhost:4200/auth/external/validate

  • Setting Up Logout URLs
    Configure specific logout URLs for each environment (production, preproduction, development, local), following the format in the table below:

    Environment    Logout URL Format
    Production     https://CLIENT_SUBDOMAIN.witco.app/auth/external/logout
    Preprod        https://CLIENT_SUBDOMAIN.preprod.witco.app/auth/external/logout
    Development    https://CLIENT_SUBDOMAIN.develop.witco.app/auth/external/logout
    Local          https://localhost:4200/auth/external/logout

Important

  • It is mandatory to create a configuration for the local environment.
    Without this environment, we cannot guarantee that all features will be fully tested.
  • The domain name (the CLIENT_SUBDOMAIN part in the tables above) will be provided to you by Witco. Contact us for more information.

  • Setting Up Authentication in Your Application

    1. Go to the application you created.
    2. In the Manage → Authentication section, click on Add a platform.
    3. In the Configure platforms → Web applications section, choose Single-page application.
    4. The Redirect URIs and Front-channel logout URL fields will appear.
    5. Enter the redirect URIs and logout URLs you obtained earlier.

Mobile Authentication Configuration

  • Setup for Mobile Applications
    Similar to web authentication, configure a redirect URI for mobile applications.
    The same URI is used for all four environments (production, preprod, development, and local): http://localhost:30662.

  • Setting Up Authentication in Your Application

    1. Go to the application you created.
    2. In the Manage → Authentication section, click on Add a platform.
    3. In the Configure platforms → Web applications section, choose Web.
    4. The Redirect URIs field will appear.
    5. Enter the redirect URI.

User Synchronization

Creating the Client Secret

  1. Go to the application you created.
  2. In the Manage → Certificates & secrets → Client secrets section of your Azure application, click on New client secret.
  3. In the Add a client secret section:
    • Enter a description.
    • Choose the expiration duration for the client secret (1 year, 2 years, or never).
    • Click Add to validate the creation.
  4. Note the Client secret, which will be used for configuration in Witco.

Assigning and Activating Permissions

  • Assigning Permissions

    1. Go to the Manage → API permissions section.
    2. Click Add a permission.
    3. In the Request API permissions → Select an API window, click Microsoft Graph.
    4. In the Select permissions section, type User.Read.All in the text field.
    5. In the Select permissions → Permission → User section, check the User.Read.All box.
    6. (Optional) If you manage groups, also add Group.Read.All in the same way.
  • Activating Permissions

    • The new permissions will show an alert ("Not granted permission").
    • Use an administrator account to grant and activate the permissions.

Data to Provide to Witco

Once the configurations are completed, it is crucial to provide the information below to the Witco team to finalize the integration:

  • Azure Application Identifiers
    Provide the following:
    • Application ID
    • Directory ID
    • Client secret
    • Client secret expiration date.
Important:

Contact us as soon as possible if you change any of these elements. Otherwise, your integration may stop working.
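
Before sending these values, the registration can be checked against the settings described in this article: account type, the redirect and logout URIs from the two tables, the mobile redirect URI, and the client secret expiration. The script below is an added example, not code from Witco or Microsoft; the sample application object is constructed, "acme" stands in for CLIENT_SUBDOMAIN, and the function names and the 30-day warning window are assumptions.

```python
import json
from datetime import datetime, timezone

MOBILE_REDIRECT = "http://localhost:30662"  # mobile redirect URI from this article

# Constructed sample (not real data): a trimmed application object in the shape
# Microsoft Graph returns, e.g. from `az ad app show --id <Application ID>`.
SAMPLE_APP = json.loads("""
{
  "signInAudience": "AzureADMyOrg",
  "spa": {"redirectUris": [
    "https://acme.witco.app/auth/external/validate",
    "https://acme.preprod.witco.app/auth/external/validate",
    "http://localhost:4200/auth/external/validate",
    "https://old-intranet.example.com/callback"]},
  "web": {"redirectUris": ["http://localhost:30662"],
          "logoutUrl": "https://acme.witco.app/auth/external/logout"},
  "passwordCredentials": [{"displayName": "witco-sync", "endDateTime": "2025-01-15T00:00:00Z"}]
}
""")

def expected_uris(subdomain):
    """Build the redirect and logout URIs from the article's two tables."""
    bases = [f"https://{subdomain}{env}.witco.app" for env in ("", ".preprod", ".develop")]
    redirect = {b + "/auth/external/validate" for b in bases}
    logout = {b + "/auth/external/logout" for b in bases}
    redirect.add("http://localhost:4200/auth/external/validate")
    logout.add("https://localhost:4200/auth/external/logout")
    return redirect, logout

def audit(app, subdomain, now, warn_days=30):
    """Return a list of deviations from the configuration described above."""
    findings = []
    redirect, logout = expected_uris(subdomain)
    if app.get("signInAudience") != "AzureADMyOrg":  # single-tenant account type
        findings.append("supported account type is not single-tenant")
    spa = set(app.get("spa", {}).get("redirectUris", []))
    findings += [f"missing SPA redirect URI: {u}" for u in sorted(redirect - spa)]
    findings += [f"unexpected SPA redirect URI: {u}" for u in sorted(spa - redirect)]
    web = app.get("web", {})
    if set(web.get("redirectUris", [])) != {MOBILE_REDIRECT}:
        findings.append("Web platform redirect URIs differ from the mobile URI")
    if web.get("logoutUrl") not in logout:  # Graph stores one front-channel logout URL
        findings.append("front-channel logout URL is not a Witco logout URL")
    for cred in app.get("passwordCredentials", []):
        end = datetime.fromisoformat(cred["endDateTime"].replace("Z", "+00:00"))
        if (end - now).days < warn_days:  # also catches secrets already expired
            findings.append(f"client secret '{cred.get('displayName')}' expires on {end.date()}")
    return findings
```

Calling audit(SAMPLE_APP, "acme", now) with a timezone-aware now returns one line per deviation; an empty list means the registration matches the settings in this article.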

User Import

Determine whether all users should be imported from your Active Directory (AD) or only specific groups. For each group, provide the group ID and name.

User Fields to Import

Specify the fields to import and display in Witco, such as name, first name, phone number (landline and/or mobile), job title, department, office, etc. Also, provide the corresponding AD field names.

Testing and Validation

Test Users

Share test users, real or fictitious, with Witco to validate the import, synchronization, and logins across all environments.
Provide the name, email address, and password for each test user.

Conclusion

Integrating Microsoft 365 with the Witco platform is a complex but essential process for smart office management. By following the detailed steps above, your company will be able to not only synchronize users effectively but also benefit from seamless workspace management.

You can then prepare to integrate your rooms with the Witco platform. To learn more, see the page Integrating Microsoft 365 and Azure Integration With Witco: Room Integration.

Make sure to maintain regular communication with the Witco team to keep the integration up-to-date and functional.
