How do I configure Microsoft Single Sign On (SSO)?

How to configure SSO for Method Grid using Microsoft.

NB: This feature is only available on our Enterprise plan.

Your Method Grid account must have a unique domain/URL for SSO to work

Configuring SSO for Microsoft

Part 1 | Setting up in Microsoft Azure Active Directory

  1. Log in to your Azure account
  2. Click 'Azure Active Directory' in the left hand menu (clicking the 3 stacked lines top left corner reveals this if you can't see it)
  3. Click 'Enterprise Applications'
  4. Click '+ New application' located above the dropdowns
  5. Click the 'Application you're developing' box
  6. Then click on 'Ok, take me to App Registrations to register my new application.'
  7. Click on '+ New registration' located above the blue information strip
  8. On the 'Register and application' page enter 'Method Grid' in the 'Name' field
  9. On the same page select the second radio button option in the 'Supported account types' section labelled 'Accounts in any organizational directory (Any Azure AD directory - Multitenant)'
  10. Finally on this page, in the 'Redirect URI (optional)' section, with 'Web' selected in the dropdown paste the following URL in the field alongside https://app.methodgrid.com/sso/azure-ad
  11. Click on the 'Register' button at the bottom of the page
  12. Copy the 'Application ID' (you will need to enter it into the Method Grid setup below)
  13. Click 'Certificates & Secrets' in the left hand menu and then '+ New client secret' in the 'Client secrets' section
  14. When the 'Add a client secret' panel appears, type something in the 'Description' field and select an expiry option (we recommend 'Never') then click the 'Add' button
  15. You will see that your new client secret has been added to a table. Copy the string of characters in the 'Value' column as you will need to enter it into the Method Grid setup in Part 2. NB: Store it in a safe place as you only get the chance to copy it on its creation
  16. Click 'API permissions' in the left hand menu. On the 'API permissions' page click the '+ Add a permission' button and in the panel that appears click the 'Microsoft Graph' box
  17. Click the 'Delegated permissions' box and in the 'Select permissions' search field type 'directory'. In the search results below click to expand 'Directory' and make sure that 'Directory.AccessAsUser.All' and 'Directory.Read.All' are ticked. Once ticked click the 'Add permissions' button at the bottom
  18. Finally, back on the 'API permissions' page, click the 'Grant admin consent for Default Directory' button in the 'Grant consent' section at the bottom and then click the blue 'Yes' button that pops up at the top of the page ... Your Azure setup is now configured, proceed to Part 2 to complete the setup in Method Grid ...

Part 2 | Completing the Microsoft setup in Method Grid

  1. Go to Account Settings (click your profile image bottom left) > Single Sign On > Configure Microsoft Azure Active Directory
  2. Enter the 'Application ID' and 'Client Secret' in their respective fields and click the save tick
  3. Now any team member who signs into Method Grid using their Microsoft login will be automatically added as member to your Method Grid account if they are not one already

 

Please note: If you remove a team member from your Microsoft Azure Active Directory, they will still exist in your Method Grid account but they will not be able to log in with Microsoft. If they were already an existing member of your Method Grid account before you configured SSO, they will still be able to log in to Method Grid with their original log in details. If you wish for them to be inactive in Method Grid, please be make sure you archive them. You can do this on the members page by clicking the 'Archive' (box file icon) associated with them (How do I manage members?)