Feature Overview

Ushur is constantly innovating and introducing features that make the user experience smoother, more convenient, and less cumbersome. The features also aim to enhance the security and resiliency of the platform by adopting the latest industry-standard best practices.

With this in view, Ushur is introducing the Single Sign-On (SSO) feature. This feature enables users of the Ushur builder to be authenticated via the enterprise systems that they are already set up in. The platform can now be integrated with SSO providers such as Google and Microsoft Azure.

Steps for Enabling SSO

This document assumes the enterprise is already using an identity provider such as Google or Microsoft Azure and is using a directory service such as Azure Active Directory.

This document details the process of configuring SSO using Microsoft Azure as the identity provider.

At a high level, the steps needed to enable SSO on Ushur are as follows:

• [Done on customer Azure AD] Create a new App Registration for Ushur SSO access.

• [Done by Ushur team on Ushur platform] Add the user on Ushur as SSO User

Register a new App on Azure Active Directory

1. Log on to Microsoft Azure (https://portal.azure.com/#home ) and navigate to Azure Active Directory from the menu.

   

2. Select App Registrations.

   

3. Click on New Registration and Provide a name for the application and select the option Accounts in this organizational directory only.

   

4. Click Register button.

5. Under the Redirect URI (Uniform Resource Identifier) section, specify the redirect URI provided by your CSM (Customer Success Manager) at Ushur and click the Register button.

   

6. Now you can see the Client ID for the registered application under Essentials. Note it down, you need to provide this Client ID to Ushur for setup.

   

7. Select the Certificates & Secrets and click New Client Secret.

   

8. You will see the newly generated secret under Client Secrets now. Make sure you copy the secret and save it securely. This will be displayed only once and you will not be able to view this again. You need to provide this secret key to Ushur for setup.

   

Add the User on Ushur platform as SSO User

Note

This step to be performed by Ushur team

1. We now need to add the user on the Ushur builder. This step needs to be performed as an Admin User. Login to the Ushur builder and click on the User Admin Tab.  Enter the email address of the user as has been set up on the Enterprise.   Check SSO checkbox and click the Add User button.

   

2. Login using SSO: On the Ushur builder login page, the newly setup user can type in their email address and click the “Log in with Azure” button. No need to enter a password.