The Azure SSO (Single Sign-On) add-on enables administrator authentication via Microsoft Azure Active Directory (Azure AD) using OAuth 2.0. It allows user verification through their Azure AD account and supports two-factor authentication.
It simplifies login with Azure AD credentials, strengthens security with two-factor authentication, and centralizes access control for Splynx users.
To obtain the necessary credentials for configuring the Azure SSO add-on in Splynx, follow these steps:
After this, you will recieve Client ID and Client Secret Key.
Client ID:
Client Secret Key:
You can install the Azure SSO add-on in two methods: via the CLI or the Web UI of your Splynx server.
To install it via CLI, the following commands can be used:
apt-get update
apt-get install splynx-azure-sso
To install the add-on via the Web UI, navigate to Config → Integrations → Add-ons
:
Locate or search for the splynx-azure-sso
add-on and click the Install icon in the Actions column:
Click the OK, confirm
button to begin the installation process:
After the installation process, configure the add-on in Config → Integrations → Modules list
:
Locate or search for the splynx_azure_sso
module and click the Edit (Config) icon in the Actions column:
Under Common settings, enter your Splynx URL
(without the trailing slash), along with your Client ID
and Client secret key
obtained earlier from your Azure account:
Once all configurations are complete, the admin can log in to the system using Azure AD. The corresponding button will appear on the start page. Then, enter your Outlook credentials to log in to the system.
Microsoft Azure AD uses the OAuth 2.0 Authorization Code Flow to authenticate users.
API is used to interact with Azure AD.
Two-factor authentication (2FA) is implemented using TOTP (Time-based One-Time Password), which is compatible with Google Authenticator.
Steps to Enable 2FA and log In:
Go to the admin's Profile and enable 2FA.
Install the Google Authenticator app on your phone.
Scan the QR code from your profile.
Enter the one-time password from the app.
Log in again using Azure AD.
After entering your Outlook credentials, the system will prompt you to enter a code from the email.
If the 2FA code is correct, you will be redirected to the Dashboard.