SSO with Microsoft Azure AD

How to connect your 6clicks account to Azure AD

Creating the 6clicks app in your Azure AD account

Sign in https://portal.azure.com/#home using your MS credentials

After logging in click on All Services 

Go to Filter Services  

Search for App registration

Select New registration or Register an application

  1. Enter the display name
  2. Checkbox the "Accounts in any organizational directory (Any Azure AD directory - Multitenant" option
  3. Select Single-page application (SPA)
  4. Fill in the redirect URI:
    1. https://app.6clicks.io/account/login
  1. Select Register

Select 0 web, 1 spa, 0 public client, under Redirect URls 

Select Add URI. Add the following URI:

  • https://app.6clicks.io/app/main/link-external-user-callback

Additionally, under the Redirect URIs, we suggest adding the redirect URIs relevant to your geography: 
  • AU: https://app-au.6clicks.io/app/main/link-external-user-callback and https://app-au.6clicks.io/account/login
    US: https://app-us.6clicks.io/app/main/link-external-user-callback and https://app-us.6clicks.io/account/login
    UK: https://app-uk.6clicks.io/app/main/link-external-user-callback and https://app-uk.6clicks.io/account/login
    UAE: https://app-uae.6clicks.io/app/main/link-external-user-callback and https://app-uae.6clicks.io/account/login

Scroll down and check both Access token and ID tokens 

To copy the Application (client) ID, select "Overview" and copy to the clipboard 

How to connect 6clicks account to Microsoft Azure AD SSO 

Once you're logged in to your team in 6clicks 

Select Administration>Single Sign-on>Microsoft Azure AD  

Enter the Microsoft Azure AD Login URL (copy below) and Single Page Application ID (see above) and click on Save

Microsoft Azure AD Login URL: https://login.microsoftonline.com/common/oauth2/authorize

Select My Settings 

Select Single Sign-On and click on Connect using Microsoft Azure AD

Enforcing MS Azure AD SSO

Enforce Microsoft Azure AD toggle will be enabled only if: 

  • Correct “Microsoft Azure AD Login URL” and “Single Page Application client ID” are entered under “Administration > External Identity Provider”.
  • Microsoft Azure AD to be connected successfully under “My Settings > SSO Provider” by a 6clicks administrator.

Disabling MS Azure AD SSO

Select Administration > Single Sign-on > Edit > None> Save

Error handling 

1- Microsoft Azure AD Login URL is incorrect under Administration>Single Sign-On

2- Single Page Application ID is incorrect under Administration>Single Sign-On

3- Microsoft Azure AD is NOT connected under My Settings>SSO Provider

4- User does not have administrator privileges to register a new application. Contact the IT Administrator of your organisation.

Please note that this error relates to Microsoft Azure, it's best to contact your IT Administrator as this is not managed by 6clicks.