Help Center
News
Go back to administration
Help Center
News
Go back to administration
Reporting Channels
Reporting Channels
Reporting Form
Hotline
Administration Features
DashboardAnalyticsCategories
Managing Reports
Managing Members
Settings
Report Features
How to ensure security when sending reports
Privacy & Security
Single sign on (SSO)SSO setup guideProtection against virusesEncryption
General
How to use statistics in Power BI?Supported languagesSystem requirementsData Hosting
Integrations
Make integrationZapier integrationAsana integration (via Make)Asana integration (via Zapier)ClickUp integration (via Make)ClickUp integration (via Zapier)Microsoft Teams integration (via Zapier)Slack integration (via Make)Slack integration (via Zapier)
Partner Administration
Demo organizationsCreate a new organizationHow to access client administrationHow to extend a trial periodHow to activate a client accountAdd a new memberAdd a new member in a client organizationDelete a memberMaterialsWhite label

SSO setup guide

Setting Up Single Sign-On with Azure AD (SSO)

If you are using NNTB, only links to the auth domain are on FaceUp. Other names could be what you want.

You can use an OIDC platform

  1. Sign in to Azure and go to "Azure Active Directory"
  2. Go to the "Overview" of your Default Directory
  3. Go to "App Registration" (Link located in footer of "Overview")
    1. Name it something along the lines of "FaceUp SSO" or "NNTB SSO" or what you like
    2. Set the Redirect URI to https://www.auth.faceup.com/oauth2/idpresponse (for US data hosting use https://www.us-west-1-auth.faceup.com/oauth2/idpresponse)
    3. Click “Register”
  4. Navigate To "Branding"
    1. Set Home page URL to https://www.admin.faceup.com/sso or https://www.admin.nntb.cz/sso or https://www.admin.nntb.sk/sso
    2. Save
  5. Navigate To API Permissions
    1. Click "Add Permission"
    2. Click “Microsoft Graph”
    3. Click "Delegated Permissions"
      1. Type "email" in search field and check "email"
      2. Type "offlineaccess" in search field and check "offlineaccess"
      3. Type "openid" in search field and check "openid”
      4. Type "profile" in search field and check "profile"
      5. Type "User" in search field and check "User.Read"
    4. Click "Add Permissions" (or “Update permissions”)
    5. Click "Grant Admin Consent for <your tenant name>" (Might Not Show Up Until We Setup the app)
  6. Navigate To "Certificates & secrets"
    1. Click "New Client Secret"
    2. Name it something along the lines of "SSO"
    3. Set Expiration to whichever suits your use case best
    4. Click "Add"
    5. Secret key will only be available just this once. Please temporarily copy it to a text file. Otherwise you need to create a new one next time.
  7. Navigate To "Overview"
    1. Temporarily Copy "Application (client) ID" to a text file
    2. Temporarily Copy "Directory (tenant) ID" to a text file
    3. Login to FaceUp/NNTB administration
  8. Navigate to "Settings"
    1. Click “Organization settings” (be sure to be an admin, having settings access, and in top organization in the list)
  9. In the "Single Sign-On" Form
    1. Set "Provider URL" to https://login.microsoftonline.com/<tenant>/v2.0 (Replace the <tenant> with the "Directory (tenant) ID" you copied to temporary text file from earlier)
    2. Set "Client ID" to the "Application (client) ID" you copied to temporary text file from earlier
    3. Set "Client Secret" to the "Client Secret" you copied to temporary text file from earlier
    4. Click “Save changes” (all existing users and new ones except yours will login with SSO, they will get notification email. They will be unable to login with their password right now, but only with AzureAD)
  10. Back In "Azure Active Directory"
    1. Navigate to Your "FaceUp SSO" (or "NNTB SSO" or name you have chosen)  App if you're not already there
    2. Navigate To "API permissions"
    3. Click "Grant Admin Consent for FaceUp SSO" - the name could be different ("NNTB SSO" or name you have chosen) (Might Not Be There if Permissions Were Already Granted)
  11. You're Done! Users will need to login using the SSO Page (https://www.admin.faceup.com/sso or https://www.admin.nntb.cz/sso or https://www.admin.nntb.sk/sso)
English
Powered by Product Fruits