Provision new users and sign onto AutoElevate with your Azure AD identity provider. Setup with a single click and a quick mapping of your Azure users/groups to AutoElevate roles. This mapping allows you to manage the roles of your AutoElevate users, and which have access, right from Azure AD.
- Be advised, only an AE Administrator can enable this service.
- Azure AD multi-factor authentication (MFA) is required to log in with the ID Provider. This can be enabled under Users >Per-user MFA in Azure AD.
- This feature is only for Admin, Technicians, and those you wish to provide access to your AE Admin Portal and not end users.
- Only one role can be assigned to a user account and is required to access AE Admin Portal.
- AE user email must match Azure AD user account.
From the Settings screen in the AE Admin Portal https://msp.autoelevate.com you will need to edit the “Single Sign On” option (pencil icon) then click “ENABLE SSO WITH AZURE AD” button. It will then redirect you to login to your Microsoft account and accept permissions. You have the option to consent on behalf of your organization.
From here you can assign Azure AD users to the proper AutoElevate role by…
- Going to Enterprise Applications in Azure AD.
- Click on the AutoeElevate app that has been added.
- Click on “Assign users and groups”.
- Click on the user/group >Click “Select a role: None Selected” >Select role on right (default roles) >Click “Select” (bottom right) >Click “Assign” (bottom left)
Once these steps are taken, it can take from 30 seconds to a minute to add and propagate through the system.
- Note: Company Access is set to "All" companies by default. This can be modified under the Users screen in the AE Admin Portal for each user. If you wish to set a co-managed user or a user with limited company access, you will need to create the user first in the AE Admin Portal, setting their role and company access and SAVE only without sending an email. Then from Azure AD you can complete the setup by assigning the role to the user. You can add the co-managed user as an external user.
- Also, from the User screen Actions menu, you can "Remove Password" for existing users to enforce SSO.
Once complete the user can login from the AE Admin Portal using “LOG IN WITH AZURE AD” link.