Help & Documentation


Integrating with Azure Active Directory

Azure AD Integrations

Kutamo can be integrated with Microsoft Azure Active Directory, allowing you to sign into Kutamo with your existing organizational credentials. These are credentials typically configured in your organization's "Active Directory".

Azure Active Directory lets your company integrate with many other services aside from Kutamo, including Office 365, Salesforce and DropBox, and saves you having to log into each service individually.


Who is this document for?

This document is very technical in nature, and is specifically written for IT professionals who look after a company or organization's Azure Active Directory and Office 365 accounts.


What's Involved In Configuring Azure Active Directory

There are three main steps that must be followed in order to configure the integration of Azure Active Directory and Kutamo.

  1. Create an Azure AD Application
  2. Configure your Azure AD Application within Kutamo
  3. Notify your Organizational Users

Once this has been completed, your Organizational users will be able to use Kutamo with their local credentials.


Create an Azure AD Application

The first step to create your first Azure Active Directory Application is to visit the Microsoft Application Registration Portal.

https://apps.dev.microsoft.com/

Firstly enter a name for your application, such as "Kutamo", and an email address that Microsoft can send notifications to.

1 - Register Your Application

Next, select the type of application you'll be connecting to. In this instance, Kutamo is a "Single Page App" / "Javascript SPA".

Step 2 - Select Platform

Once created, you will be provided an Application ID, shown below in the orange box. Make a note of this, as you will need to enter this into the Kutamo site shortly.

At this point, you should also enter the Login page URLs for Kutamo, listed below.

https://www.kutamo.com/account/login_aad
Configure URLs

You will also need to configure what user information is presented to Kutamo. This is configured in the Microsoft Graph Permissions section of the same page.

Step 4 - Setting User Permissions

Finally, the Application Manfiest needs a slight adjustment - simply update the line

"oauth2AllowImplicitFlow": false,

to

"oauth2AllowImplicitFlow": true,
Step 5 - Manifest Changes

Once all these steps are completed, don't forget to click Save!


Configure your Azure AD Application within Kutamo

Once you have configured your Azure AD Application on the Microsoft Portal, you can now configure this in Kutamo.

Simply navigate to your Account page, follow the link to Advanced Options, and then select the Active Directory tab on the properties page. Or click the link below.

https://www.kutamo.com/ProfileAccountAdvanced

To configure the integration, simply complete the form.

Field Description Mandatory
Azure AD Application ID Enter the Application ID from above (it is different for every Organization, so make sure you kept a record of it)< Yes
Kutamo Login Code Enter a simple code that represents your company. This can be your company name, but must be just an alphanumeric identifier. This code is appended to a login URL for your users such as:
https://www.kutamo.com/login/mycompany
Yes
Note to your Users This allows you enter a personalized comment to your users that appears on the login page. It is useful to remind users that they are logging into Kutamo using your organization credentials, as some users may not know who Kutamo is. No
Advanced Account Options

Notify your Organizational Users

Your users can now log into Kutamo without having to register their details, as you are now successfully integrated with Azure AD.

Users can simply visit the custom login link that is shown on your Azure AD link page. It will be in the format below:

https://www.kutamo.com/login/mycompany

In the link above mycompany is the Kutamo Login Code specified above.

User Permissions

Depending on your User's settings, they may be asked for permission to share their details with Kutamo. They will see a popup window from Microsoft requesting this, similar to those below.

Users need select Yes or Accept in order to be able to log into Kutamo.

Kutamo only retrieves the following information from your Users:

  • Full Name
  • Email Address
  • Title
  • User Avatar or Image

Troubleshooting

Popup Windows

The most common issue with Azure Active Directory integration is the requirement for browser pop-up windows by Microsoft.

Browser Instructions
Google Chrome Go to Settings / Advanced / Privacy and Security / Content Settings and add https://www.kutamo.com/ to the list of allowed sites.
Mozilla Firefox Go to Options / Content / Pop-Ups / Exceptions, and add https://www.kutamo.com/ to the list of allowed sites.
Microsoft Edge Go to Settings / Advanced and disable popup blocking.

Azure AD Delays

From time to time, creating a new Application ID in Azure ID will take a few minutes to propagate through Microsoft's infrastructure. If you receive a message saying the ID was invalid, wait a few minutes and try again.