Office 365 / Azure AD Single Sign-On (SSO) Integration Instructions for the Anterra Platform

Office 365 / Azure AD Single Sign-On (SSO) Integration Instructions for the Anterra Platform

Overview

If you're looking to simplify the way your users access the Anterra Platform, eliminate management of an additional password, and increase your enterprise's overall security, you've come to the right place!  Many companies use Office 365 for their e-mail and calendar, part of that offering is the ability to allow your users to single sign-on to 3rd party applications which is handled and managed in the Microsoft Azure Portal.  This document outlines the steps required to configure Azure Active Directory (AzureAD) to single sign-on (SSO) to the Anterra Platform.
The Anterra Platform is only available through POST authentication. This means that users will initiate their login to the Anterra Platform from the Office 365 portal. Logging in from the Anterra Platform authentication page will allow users that have established a password with Anterra to have a secondary way to login which is useful if the Office 365 portal or Azure authentication services are unavailable.

User Accounts / Security Considerations

Accounts that are logged into must already be configured in Anterra in User Administration with the appropriate permissions. Once the user is setup and the application is available to them through your Office 365 portal they can login without establishing a password on Anterra. These accounts can only be accessed through SSO. If you choose you can still initiate an invite to setup a password for any user which will allow them to login using that password through our standard login page (https://auth.anterracloudbi.com). Users who can only login via SSO are indicated in User Administration with a red color on the e-mail invite icon.

Create Enterprise Application

The following steps initiate the process of getting single sign-on configured between Anterra and your Azure AD. Once these steps are complete
  1. Login to your Azure Portal (https://portal.azure.com)
  2. Navigate to the Azure Active Directory you want to integrate Anterra with 
  3. Navigate to Enterprise applications inside your Active Directory
  4. Click the New application button
      

  5. Click the Create your own application button
      

  6. Type Anterra Platform for the name of the application and choose Integrate any other application you do not find in the gallery (non-gallery)
  7. To use the Anterra logo for the application (instead of just a letter) you can optionally:
    1. Right-click and Save As to download this image: 
    2. Click on Properties on the left side of the Azure interface
    3. Click the  icon and browse to the file downloaded above
  8. Click on Single sign-on then choose SAML as the single sign-on method

  9. Click here to open a new tab/window and login to the Anterra Platform
  10. Once you are logged in, click this link to download our metadata file
  11. Click Upload metadata file and upload the file downloaded in the previous step
      

  12. Set SAML signing options to “Sign SAML response and assertion”  here

Submit SSO Information to Anterra

  1. Start from the previous section (Azure Portal > Azure Active Directory > Enterprise Applications > Anterra Platform > Single sign-on)
  2. Click here to open our SSO Setup Form in a new tab
  3. Download the Base64 certificate here:
  4. Copy the Login URL, Azure AD (Active Directory) identifier, and Logout URL and provide it in the form:
  5. You're done, submit the form to Anterra.  Once we've reviewed your information we'll schedule pushing out the changes to our authentication servers.

Provisioning Users

Giving Access to ALL Users

Accounts that are not first provisioned in Anterra User Administration will not be able to access the Anterra Platform.
  1. From inside Azure Portal > Azure Active Directory > Enterprise Applications > Anterra Platform choose Properties
  2. Set Assignment required? to No which will give ALL users in your organization access to the Anterra Platform


Giving Access to Specific Users / Groups

  1. From inside Azure Portal > Azure Active Directory > Enterprise Applications > Anterra Platform choose Users and groups
  2. Click Add user/group and choose the users and/or groups of users you wish to assign access to the Anterra Platform

Accessing the Anterra Platform through Office 365

Users can access the Anterra Platform by bookmarking: https://www.office.com/apps

OR

After logging into https://portal.office.com clicking the square of 9 dots at the top left, then All apps then search for Anterra or scroll to Anterra Platform under Other apps.


    • Related Articles

    • Anterra Version v28 Release Notes

      AnterraBI™ v28 has been released to Production! Below are the enhancements available today. Summary S-curve Billing and Cost Graphs – measure earned value/billings ahead and behind S-curves Anterra Ad Hoc – integration of Amazon QuickSight S -curve ...
    • Anterra Platform License Agreement

      Hosted Software License Agreement THIS DOCUMENT IS A LEGAL AGREEMENT BETWEEN LICENSEE AND LICENSOR. BY CLICKING ON “I AGREE” BELOW AND INSTALLING THE HOSTED SOFTWARE, YOU, ON BEHALF OF LICENSEE, AGREE AND ARE SUBJECT TO THE LICENSE TERMS SET FORTH ...
    • AnterraDataCenter Prerequisites Documentation

      AnterraDataCenter™ Prerequisites Documentation Required Software Components Sage ODBC Sage ODBC is required to be fully operational for each computer running the AnterraDataCenter™ tools. This requires a Sage server or client install with a purchased ...
    • Anterra Widget Dashboards

      Overview of Widgets – Build Your Own Dashboards Widgets allow you to build your own dashboards from a selection of pre-built and self-built widgets (built-in Widget Builder). You can build as many dashboards as you like using any combination of ...
    • 'Timberline Version Changed' appears when anterraDataCenter opens

      Background When anterraDataCenter opens, a dialog box with the title "Timberline Version Changed" appears Each time anterraDataCenter opens, a message appears that has the following text in it: "Timberline version has recently been updated. SQL ...