How to set up Microsoft SSO?

If your organization uses Microsoft Azure and Office 365, we highly recommend enabling Microsoft SSO in Azure in order to offer your users the simplest login experience in Motimate.

Setting up Microsoft SSO with Motimate

  1. Log in to your Microsoft Azure Portal with a Microsoft Azure Admin account.
  2. Start by searching for App Registrations in the search bar at the top of the Azure Portal, and click it when it appears.
  3. A new page for App Registration setting appear. Here you should click New Registration at the top of the page.
  4. Give the following Name to the new application: Motimate SSO.
  5. Then make sure that Support Account Types is set to the first option: Accounts in this organizational directory only (Single tenant).
  6. Enter the following Redirect URI under Web:
    https://{identifier}.web.motimateapp.com/external-auth-completed
    (replace {identifier} with your organization's identifier. You'll easily see it in your URL when you log in to your Motimate account)
  7. Click Register at the bottom of the page.
  8. After a short while your new Applications is registered, and you'll will see the Overview.
  9. Now you must click API Permissions in the menu to the left.
  10. Under Configured Permission, you must click Grant admin consent for ... This will ensure that all users in your organization are signed in without any promts. If you are unable to click the button, you need to make sure you are signed in with a Microsoft Azure Admin account. If not, please identify an admin in your organization who can do so.
  11. Click Yes on the Grant Admin Consent Confirmation box that appears.
  12. Next you should navigate to Authentication in the menu to the left.
  13. On this page you must click Add a Platform in the Platform Configurations sections.
  14. Select the box for Web under Web Application.
  15. Provide the following Redirect URI:
    https://{identifier}.motimateapp.com/admin/external-auth-completed
    Remember to replace {identifier} with your organization's identifier.
  16. Click Configure at the bottom of this screen.
  17. Next, you need to click Add a Platform in the Platform Configurations section again.
  18. This time you should select the box for Mobile and Desktop Applications under Mobile and Desktop Applications.
  19. Provide the following Redirect URI:
    motimate-training://external-auth-completed
  20. All the three checkboxes should remain unchecked.
  21. Click Configure at the bottom of this screen.
  22. You should now verify that the three URIs you've added appear in these settings:
  23. Scroll down below these settings and enter the following Front-channel logout URL:
    https://{identifier}.motimateapp.com/admin/external-logout-completed
    Remember to replace {identifier} with your organization's identifier.
  24. Do not activate Implicit Grant and Hybrid Flows. Checkboxes for Access Token and ID Token must be left blank and unchecked.
  25. You should now click Save at the very top of the page to ensure all your settings are saved.
  26. Next you should click Certificates & Secrets in the menu on the left.
  27. On this page you much click New Client Secret in the Client Secrets section.
  28. Provide the following Description for your secret: Motimate.
  29. Then select the longest lasting available value for Expires. This is typically 24 months or Never. In the future, before your secret expires, you must generate a new one, and provide it to Motimate to ensure that SSO continues to work with Motimate.
  30. You can now click Add at the bottom of the page in order to generate the new secret.
  31. You should now copy the Value of your Motimate secret. Do not copy the Secret ID. You will need to share this value with Motimate at a later step. The simples way to copy the secret is to click the tiny Copy-icon following the secret characters:
  32. Afterwards, you should go to Overview at the top of the menu on the left.
  33. In this overview of Essentials you will need to copy both the entire Application (client) ID and the entire Directory (tenant) ID:
  34. Finally, please email all of the information to support@motimateapp.com and request Microsoft SSO to be activated for your Motimate account. You can also send them directly to the Customer Success Manager who may be supporting you in your organization's onboarding process. This is the data which much be included:
    1. Application (client) ID
    2. Directory (tenant) ID
    3. Secret Value
  35. We will activate Microsoft SSO for your Motimate account shortly after we receive the credentials. Once activated all your users will be required to log in with SSO in order to get access to your Motimate account. Users already logged in, may be required to log out, and then log back in again.
Congratulations! You have now successfully enabled Microsoft SSO for your organization.