To allow users in your organisation's Azure AD to sign up - and sign in - to Gluu with ease you need to do the following:
Step 1: Approve Gluu as app in your Azure AD
- Log in to your Azure portal (as administrator).
- Approve Gluu as app.
- Select the AD groups that you will allow to access Gluu. (This is useful if you're part of a large organisation but only a smaller group will use Gluu - groups can then be added or changed if you expand later).
- Log in to Gluu (as Account Owner) and go to 'Account and users'. Scroll to the bottom of the page and find the widget 'Authentication'. (see the image below)
NOTE! It's important that the Gluu Account Owner and the AD administrator is the same (email.)
- Add your Azure AD Tenant ID. Then add the groups that you allowed to access Gluu:
Now users that are in your Azure AD can easily sign up and sign in to your organisation's Gluu account.
Step 2: Your users can sign in to Gluu
When you're ready to deploy then send the users that you want to invite an email with a link to https://secure.gluu.biz/#/login - ask people to click the button with the Microsoft logo:
Each user will then be authenticated against your Azure AD (and the groups you added). If the user's email matches and the user is in the group, then he/she will enter Gluu.
From now on, he/she can enter Gluu by clicking the Microsoft button. Users don't have to create any separate passwords.
Adding roles and rights
Roles and rights have to be added to the user after he or she has accessed and been set up. See this article on managing rights.
How to revoke access
This access will be granted until the user is removed from your Azure AD domain and/or the groups that you have allowed to access. So, if you want to stop a user from accessing Gluu, then he/she should be removed from your Azure AD (or the allowed groups).
Authenticating users that are already in Gluu
If a user has been added before the AD integration was setup up, then this user can also access with authentication by clicking the Microsoft sign in button.
Tip! If you want to add roles and rights to users before they sign in, then add them to Gluu manually first - without inviting them. You can then send out a common email with the link and instruction to sign in by clicking the Microsoft sign in button. Gluu can help you import larger sets of users. Just send the list to our helpdesk.
Tags: Integrations, IT Support, Technical