Single Sign On Using Azure AD OpenID Connect (oAuth 2.0)
CompliSpace supports the integration with Azure AD using Azure AD OpenID Connect (OAuth 2.0) for authentication.
CompliSpace Products support tenant and section access authorisation using the Azure AD Graph API to access user Active Directory group memberships (The 'memberOf' endpoint of the Graph API is required to retrieve the user's group memberships).
The Client Administrator will need to explicitly provide CompliSpace permission to access the user's group information on behalf of the user by using a one-time approval link provided by CompliSpace of the form.
Please review our Technical Notes and Implementation Journey (below) for more information about the steps required integrate with CompliSpace Products using Azure AD.
Implementation Journey
| Step | Details |
|---|---|
| 1. | The client provides their CompliSpace Consultant Team with ICT manager (or equivalent) contact details. |
| 2. | CompliSpace Consultant Team provides the Client our Single Sign On Form. |
3. | Client completes an online Single Sign On (SSO) Questionnaire. |
| 4. | CompliSpace will provision relevant CompliSpace Products for SSO. |
| 5. | CompliSpace will provide the client with a one-time permission link. |
| 6. | The client accesses the one-permission link and approves the permission request. |
| 7. | CompliSpace will liaise with the client to establish user groups and site codes. |
| 8. | CompliSpace will liaise with the client to test SSO. |
| 9. | Once SSO testing is successfully completed, SSO switched on. |
| 10. | The client communicates to local users access availability. |