In addition to traditional sign-on methods, the NetBeez dashboard supports single sign-on for Azure. The below steps will walk through the setup procedure.

1. As an administrator, log in to the Azure Active Directory admin center.

2. Click on “Enterprise applications” in the left sidebar navigation.

3. Click on “New application”.

4. Click on “Create your own application”.

5. Give your app a name such as “NetBeez” and select “Register an application...” under “What are you looking to do with your application?”. Then click the “Create” button.

6. On the next screen, select the appropriate “Supported account types” for your organization. In most cases, the “Accounts in this organizational directory only” will be the appropriate option.

7. Next add an entry under “Redirect URI”, first select "Web" from the dropdown. The URI should be your server FQDN followed by “/users/auth/azure_ad/callback” (eg. https://[your server FQDN]/users/auth/azure_ad/callback). Click “Register”.

8. Your application that will facilitate the single sign-on with NetBeez has been created and you should now see it under “Enterprise applications”. Click on the application.

9. Under “Single sign-on” located in the left navigation sidebar you should see some content about “OpenID Connect”, in that content, click Go to application.

10. In order to configure the NetBeez Azure AD setting, you will need the Application (client) ID and Directory (tenant) ID under the “Essentials” section.

11. Next you will need to create a client secret. Under the “Essentials” section you should see “Client credentials”. Click the link “Add a certificate or secret”.

12. Next you should see a section called “Client secrets”, click on the “New client secret” button.

13. Give your secret a description and pick your preferred expiration time. Then click the “Add” button. You should now see your secret under “Client secrets”, you will need the “Value” for your secret, this is the last piece of information required to configure the NetBeez Azure AD setting.

It is recommended that you maintain at least one local NetBeez administrator account.

14. Last we need to configure NetBeez with the information of the application you created in Azure. Navigation to “Settings” and then “Enterprise Authentication”. Expand the “Azure AD SSO” setting and enter the following information.

a. Application (client) ID: enter into Client ID.

b. Directory (tenant) ID: enter into Tenant ID.

c. Client secret Value: enter into Client Secret.

d. Roles:

If role mapping is on, the following fields are required:

If role mapping is off, no fields are required in this section. Click the Default Role dropdown and select which permission all new users should receive. After a new user logs in and receives their default role, an administrator can change their permissions on under the Settings > Users tab.

15. Click the “Save” button. Your Enterprise Authentication should now be enabled, and you should now see the “Log in with Azure AD” button on the login prompt.

Enhance your security and control with RBAC(Role-Based Access Control) for Azure SSO. This feature allows administrators to define and manage user roles and permissions, ensuring that only authorized users have access to sensitive information. With RBAC for Azure SSO, you can customize access based on your organization's needs.

To set up role-based access control for Azure SSO, you will need to create the groups inside Azure and assign users to the groups. Then the group IDs will need to be added to the NetBeez dashboard.

Note: Create a group for Admin, Read/Write, and Read Only