Single Sign-on - Login Using Azure Active Directory

This page is for configuring SSO for Maytas. To configure it for Maytas Hub, please follow the Maytas Hub SSO guide.

It is possible to login to Maytas using credentials from an Azure AD account. First this needs to be configured, which requires your Azure AD client ID and tenant (your Azure AD system administrator should be able to provide these values):

1. In Maytas, click the M5 button at the top left and select Options.
2. Go to Admin on the left (under the Maytas header).
3. In the Azure AD section, tick the boxes for the three Azure AD settings and enter their values:
   • Azure AD ClientId - Value provided by administrator
   • Azure AD Instance - This should be set to https://login.microsoftonline.com/
   • Azure AD Tenant - Value provided by administrator
4. Click OK.

Next, each user who needs to login using this feature must have the email address associated with their Azure AD account entered against their Maytas user account:

1. Go to Tools | Edit Permissions.
2. Right-click the user and select Edit.

3. Enter the Azure AD email address in the SSO Email box.

   

4. Click OK, then click Apply.

When a configured user now opens Maytas, if their configured credentials are recognised by Azure then they will be automatically logged into Maytas. Otherwise, the login prompt will now display a separate window (shown below) that can be used by configured users to select which Azure AD account to use. Alternatively, the window can be closed to login to Maytas as normal with Maytas credentials.

Finally, the desktop return URL and platform type in Azure must be set. The return URL must be set to:

https://login.microsoftonline.com/common/oauth2/nativeclient

The platform type for Maytas must be set to Mobile and desktop applications.

For further details on configuring Azure, see here.