Solver Cloud and Private Host support multiple user login authentication methods. These methods include
- Portal Authentication: an in-app authentication method
- Azure AD Authentication: sync your organization's Azure AD to the Solver Application
- AD authentication: sync your organization's AD to the Solver Application
For Solver Cloud Customers the following authentication methods are supported:
- Portal Authentication
- Azure AD Authentication
For Solver Private Host customer, all above authentication methods are supported.
This article will detail setting up your Azure AD with Solver.
Azure AD Supported Features
Solver's Azure AD (AAD) integrates into your organization's Azure Settings to support
- Authenticating against the user's AAD password
- Multi-factor authentication, if enabled within the organization's AAD
- SSO, if enabled within the organization's AAD
Solver Support does not assist in the configuration of these features with your organization's AAD.
- Solver Cloud requires at least one non-AAD authenticated account within the application. These users are identified by being assigned a Company Admin (Settings >> Administration)
Users can opt to login with either the Azure AD credentials or "Portal Authentication". Upon navigating to the Solver site, users can type in their password that they used to setup their account or click the Sign In with Microsoft icon to sign in with their Azure AD credentials.
For organizations that wish to enforce Azure AD authentication only, please follow these steps:
- As a company admin, log into Solver
- Navigate to Settings >> Administration and Click Overview at the Company level
- Under Azure Active Directory, add your organizations Azure AD name and click the + icon. Your Azure AD will appear in the list below. Add multiple AAD domains if applicable
By adding this domain, you have now locked Solver to only users that can authenticate against the provided domain(s), except those that have been assigned to the Company Administrators group.
NOTE: Users in the same AAD domain are locked to only use AAD authentication that are added after enabling AAD domain. Administrator can still add users that are not part of the AAD domain.
When adding users with Azure AD authentication enforced, users will register against their Microsoft Credentials.
- Add the user(s) to the tenant they are to have access to.
- Upon adding the user, they will receive an email invite
- Upon clicking the link in the email invite, users will click a Register button to sign in with their Microsoft credentials and will have successfully created their account in Solver.
As a reminder, email links become invalid after 30 minutes.
Solver and Azure Multi-Factor Authentication
Solver supports organizations who have turned on multi-factor authentication from within their Azure AD. For Azure AD authenticated users, the MFA setting as configured in the AAD is the only setting that is "read" for MFA. With this in mind, the application will act in the following way.
|MFA on AAD Setting||Portal MFA Setting||User Experience|
|On||On||MFA thru AAD enabled|
|On||Off||No MFA Prompt|
|Off||On||No MFA prompt|
|Off||Off||No MFA prompt|
If a user needs to reset MFA, please reference this article for details on this process.