How to configure SSO for Method Grid using Microsoft.
This feature is only available to Professional (paying) customers. If you are using a free account and wish to use this feature, the first steps are:
- Upgrade to Professional plan
- Go to "Account settings" in the profile image dropdown menu, top right of the main navigation bar > Configure domain > Set name and domain
NB: Your Method Grid account must have a unique domain/URL for SSO to work
Configuring SSO for Microsoft
Part 1 | Setting up in Microsoft Azure Active Directory
- Log in to your Azure account
- Click 'Azure Active Directory' in the left hand menu (clicking the 3 stacked lines top left corner reveals this if you can't see it)
- Click 'Enterprise Applications'
- Click '+ New application' located above the dropdowns
- Click the 'Application you're developing' box
- Then click on 'Ok, take me to App Registrations to register my new application.'
- Click on '+ New registration' located above the blue information strip
- On the 'Register andapplication' page enter 'Method Grid' in the 'Name' field
- On the same page select the second radio button option in the 'Supported account types' section labelled 'Accounts in any organizational directory (Any Azure AD directory - Multitenant)'
- Finally on this page, in the 'Redirect URI (optional)' section, with 'Web' selected in the dropdown paste the following URL in the field alongside https://app.methodgrid.com/sso/azure-ad
- Click on the 'Register' button at the bottom of the page
- Copy the 'Application ID' (you will need to enter it into the Method Grid setup below)
- Click 'Certificates & Secrets' in the left hand menu and then '+ New client secret' in the 'Client secrets' section
- When the 'Add a client secret' panel appears, type something in the 'Description' field and select an expiry option (we recommend 'Never') then click the 'Add' button
- You will see that your new client secret has been added to a table. Copy the string of characters in the 'Value' column as you will need to enter it into the Method Grid setup in Part 2. NB: Store it in a safe place as you only get the chance to copy it on its creation
- Click 'API permissions' in the left hand menu. On the 'API permissions' page click the '+ Add a permission' button and in the panel that appears click the 'Microsoft Graph' box
- Click the 'Delegated permissions' box and in the 'Select permissions' search field type 'directory'. In the search results below click to expand 'Directory' and make sure that 'Directory.AccessAsUser.All' and 'Directory.Read.All' are ticked. Once ticked click the 'Add permissions' button at the bottom
- Finally, back on the 'API permissions' page, click the 'Grant admin consent for Default Directory' button in the 'Grant consent' section at the bottom and then click the blue 'Yes' button that pops up at the top of the page ... Your Azure setup is now configured, proceed to Part 2 to complete the setup in Method Grid ...
Part 2 | Completing the Microsoft setup in Method Grid
- Go to Account Settings (click your profile image top right) > Single Sign On > Configure Microsoft Azure Active Directory
- Enter the 'Application ID' and 'Client Secret' in their respective fields and click the save tick
- Now any team member who signs into Method Grid using their Microsoft login will be automatically added as member to your Method Grid account if they are not one already
Please note: If you remove a team member from your Microsoft Azure Active Directory, they will still exist in your Method Grid account but they will not be able to log in with Microsoft. If they were already an existing member of your Method Grid account before you configured SSO, they will still be able to log in to Method Grid with their original log in details. If you wish for them to be inactive in Method Grid, please be make sure you archive them. You can do this on the members page by clicking the 'Archive' (box file icon) associated with them (How do I manage members?)