Azure AD (Office 365) for SSO

TimeTap uses SAML 2.0 for Single Sign. Following is how you set this up on Azure/Office 365.

This feature is available on our Enterprise plans.

High Level Process

  1. Customer provides their IDP metadata file to TimeTap.

  2. TimeTap configures the customer integration and provides a metadata file which includes the certificate and non-production consume endpoints (one for Client Scheduler and one for Back Office).

    1. For Client Scheduler SSO we also need to provide the login endpoint

  3. Customer sets up and tests the integration using the certificate and endpoints provided.

  4. Once testing is good, TimeTap updates the configuration to point to production instead of non-production, and provides the production endpoints.

  5. Customer updates their production environment with the production endpoints.  Once updated, SSO authentication will be live.

Setup

You will need Azure Admin permissions to perform the following tasks.

 

In Azure Admin Portal click on the “Create your own application” button.

Give it a name. and select the Non Gallery option

It will create a shell application. Edit the basic

Add appropriate user(s)/ groups Now you will be able to test.

 

If a user testing is not in the group that has permission to this application the following error may show up.