The Azure Active Directory connector allows SigningHub to connect with Microsoft Azure Active Directory to authenticate users both at the time of login and at the time of signing. By using this connector, the SigningHub users can authenticate themselves by using their (same) Azure Active Directory credentials. For this, SigningHub needs to be registered with Azure Active Directory

Create an Azure Active Directory connector

  1. Click the "Configurations" option from the left menu.
  2. Click the "Connectors" option. 
    The "Connectors" screen will appear.
  3. Click  from the grid header.

  4. A dialog will appear to add the connector details. The connector dialog is comprised of two screens, i.e. Basic Information and Details. Specify the basic information and click the "Next" button to provide the respective connector details. 
  5. Click the "Finish" button. A new connector will be saved and displayed in the list. See the below table for fields description. 


Azure Active Directory Connector

Fields

Description

Name

Specify a unique name for this connector, i.e. My Azure Active Directory. This connector will be used in the configuration of Authentication Profiles.

Provider

Select the provider for this connector, i.e. "Azure Active Directory". 

Purpose

This field will display the purpose of the selected provider above, i.e. the purpose of "Azure Active Directory" is "Authentication".

Logo

Select an appropriate image in the jpeg, jpg, gif or png format for the connector's logo that will be displayed on the login screen.

Client ID

Specify the registered client ID that has been provided by Azure Active Directory during account configuration, e.g.
 "d6920aa5-258b-a520-b0gh-870503xv8b4d". 
SigningHub will use this ID to communicate with the Azure Active Directory server.

Client Secret

Specify the client secret that has been provided by Azure Active Directory during account configuration, e.g.
"hniZYHqPEcKy6H25-LjzSX0Q".

Account Type

Specify whether the account type is Single Tenant or Multi Tenant. 
A single tenant account allows the accounts within the same organisational directory only to use the application. While a multi tenant account allows all the organisational directories to use the application.

Tenant ID

This field will only appear when the account type is "Single Tenant". Specify the tenant ID as provided by Microsoft Azure at the time of app registration.

Active

Tick this check box to make this connector active. Inactive connectors cannot be configured in the Authentication Profiles.


  1. ​In order to make your Azure Active Directory application running, you need to manually update a property on the Azure Portal under the application's manifest.
    For this:
  • Click Manifest at the left pane describing your app.
  • Change the value of the oauth2AllowImplicitFlow property to True. If the property is not present, add it and set its value to true.
  • Click "Save" to save the modified manifest.
  1. For example if your SigningHub site is "https://web.signinghub.com" then the Callback URL for SigningHub will be "https://web.signinghub.com/OAuth/AzureADCallBack".
  2. In addition to "User.Read", an additional mandatory permission, "Directory.Read.All", will have to be configured for pre-authorisation of users in Azure Active Directory.




See Also