Summary:
This article details how to set up your Azure Active Directory (AAD) with Solver. Solver Cloud and Private Host support multiple-user login authentication methods. These methods include:
Authentication Method | Description | Solver Cloud | Solver Private Host |
Portal Authentication | In-app Authentication Method | ||
Azure Active Directory (AAD) | |||
Active Directory (AD) |
NOTE: AAD is the only option available for Cloud. If you are a SAML or OKTA customer, we do not support it right now, and at this time must only use Portal auth.
Method:
Solver's Azure Active Directory (AAD) integrates into your organization's Azure Settings to support the following:
- Authenticating against the user's AAD password.
- Multi-Factor Authentication (MFA), if enabled within the organization's AAD.
- SSO, if enabled within the organization's AAD.
Note: Solver Support does not assist in the configuration of these features with your organization's AAD.
Requirements
Solver Cloud requires at least one non-AAD authenticated account within the application. These users are identified by being assigned a Company Admin (Settings > Administration)
Setup
Users can opt to login with either the AAD credentials or "Portal Authentication". Upon navigating to the Solver site, users can type in their password that they used to set up their account or click the Sign In with Microsoft icon to sign in with their AAD credentials.
For organizations that wish to enforce AAD authentication only, please follow these steps:
- As a company admin, log into Solver.
- Navigate to Settings > Administration and Click Overview at the Company level.
- Under Azure Active Directory, add your organization's AAD name and click the + icon. Your Azure Active Directory will appear in the list below. Add multiple AAD domains if applicable.
By adding this domain, you have now locked Solver to only users who can authenticate against the provided domain(s), with the exception of those who have been assigned to the Company Administrators group.
NOTE: Users in the same AAD domain who are added after enabling AAD domain are locked to only use AAD authentication. Administrators can still add users that are not part of the AAD domain.
Adding Users
When adding users with Azure Active Directory authentication enforced, users will register against their Microsoft Credentials.
- Add the user(s) to the tenant to they are to have access to.
- Upon adding the user, they will receive an email invite.
- Upon clicking the link in the email invite, users will click a Register button to sign in with their Microsoft credentials and will have successfully created their account in Solver.
As a reminder, email links become invalid after 30 minutes.
Solver and Azure Multi-Factor Authentication
Solver supports organizations who have turned on Multi-Factor Authentication (MFA) from within their Azure AD. For AAD authenticated users, the MFA setting as configured in the AAD is the only setting that is "read" for MFA. With this in mind, the application will act in the following way:
MFA on AAD Setting | Portal MFA Setting | User Experience |
On | On | MFA thru AAD enabled |
On | Off | No MFA Prompt |
Off | On | No MFA prompt |
Off | Off | No MFA prompt |
If a user needs to reset MFA, please reference this article for details on this process.
Password Resets
With Azure AD, a password reset, especially those that are invoked by your AAD administrator can take 15 minutes to update and take effect. You may find that your new password may not initially work after performing a password change for up to 15 minutes in Solver Cloud.
Properties:
Cloud
Private Host