OpenBOM™ is a registered Trademark of Newman Cloud, Inc. | © 2022
OpenBOM supports SSO configuration and can provide a way to login to OpenBOM using credentials provided by external directory services. SSO is included OpenBOM Enterprise Subscription plan. This document describes how to configure OpenBOM SSO for Microsoft Azure AD.
General
- The customer must have a paid Company subscription.
- The SSO functionality applies only to the Web application (not integrations or Drive applications, yet)
- User accounts must exist in BOTH OpenBOM Team account dashboard AND SSO Azure (for now)
- Questions or issues should be reported to OpenBOM support via the in-app Support button or sending email to support@openbom.com
Integrating with Microsoft Azure AD (Microsoft Entra ID)
Before starting the integration process, you should have an OpenBOM Company subscription, and you must have requested SSO function to be activated for your company.
You can use only one (single sign-on) SSO provider at a time.
Register OpenBOM application in your Azure AD (Microsoft Entra ID) single sign-on account
1. Sign in to the Microsoft Azure portal. Click the menu icon at the top left corner to open the left side navigation pane.
2. Select Microsoft Entra ID in the navigation pane.
3. Select App registrations in the new navigation pane that opens on the left.
4. Add new registration of application by clicking Add → App registration.
5. Register new application
Set name to OpenBom, select Redirect URL to Web and set value to https://login.openbom.com/oauth2/v1/authorize/callback, and click Register.
6. On the opened page with registered application save values of Application (client) ID and Directory (tenant) ID.
7. Select Certificates & secrets in the navigation pane to add Client Secret, and click New client secret.
8. Add Client secret.
9. Save value of added Client Secret.
Configuration in OpenBOM
- Login as Company admin from your company to OpenBOM: https://bom.openbom.com/sign-in.
- Open Company Administrator page.
Company admin now has additional row Single Sign On. Click Configure SSO button.
3. Enter values saved on the Step 6 and Step 9 of Azure configuration, and save configuration. Additionally put name of your company to Company name field
.
4. Copy Login URL for your company where you will have possibility to login with Single Sign On.
5. Logout from OpenBOM and open Login URL from previous step. Example of link:
https://bom.openbom.com/sign-in?company=946cef84-5e84-3bd3-6cef-120e843bd356
Now you should see your company name and also Microsoft button to Single Sign On. Click on it to sign-in with Microsoft account from your Azure AD.
NOTE: Users in Azure AD and OpenBOM should be synchronized by company/team administrator manually within the first release of SSO. This means that if an administrator adds a user to Azure AD, they must also add the user to the OpenBOM team.
If you have any questions about OpenBOM SSO configurations please contact OpenBOM Support.