Using Microsoft Azure Active Directory for Single Sign-on (SSO)

Noah ES provides its own authentication system (local system) but also provides the ability to integrate with other authentication systems. At present, Noah ES Supports integration with:

• Microsoft Azure Active Directory

• HIMSA also supports OpenID Connect
  https://himsanoah.atlassian.net/wiki/spaces/NESP/pages/3596877855

This document is split into two main sections:

• Set up for Azure Active Directory (AAD)

• Onboarding new Noah ES users and switching current Noah ES users from the local system to AAD

Related Topics

Set up for Azure Active Directory (AAD)

Preconditions:

• Your company has an AAD account set up and you have administrative privileges

• Your company has a Noah ES account and you have been set up in Noah ES as either a “Business Decision Maker” or “Technical Administration” user. At this point, your Noah ES user account will be using the local system.

Step 1 - Log in to the Noah ES portal

• For US Customers https://portal.us.noah-es.com/

• For EU Customers https://portal.eu.noah-es.com

Navigate to Settings > Single Sign-on and select the + icon in the upper right-hand area of the screen, Select Azure Active Directory.

Step 2 - Enter the necessary data

Enter data for the 2 fields:

• Name - text of your choice. This is just a label that will be visible on the user management screen (e.g. Always Listening Inc. AAD)

• Tenant ID - This is your AAD tenant ID, if you do not know it then the screen provides a link for assistance in looking it up.

• Logon Domain Hint - the name of your domain. This is not strictly necessary and can be skipped.

• Click on Create

Step 3 - Change your user to use AAD

• Via the Noah ES portal go to Manage Users and select to edit your Noah ES user account

• Under the “Login Method” select AAD selection that was just created.

• Save

Step 4 - Log out and Log back into Noah ES

Log back into the portal and enter your email address. You will now be directed to AAD for authentication.

At this point, you will be requested to provide consent that Noah ES may integrate.

Open

Once this has been accepted you may continue with onboarding Noah ES users.

Q: Is it possible to remove this integration at some point in the future?

A: Yes, you may delete the application from within Azure AD. Make sure to switch your users back to the local system or another authentication system first.

Open

Onboarding new Noah ES users so that AAD is used

Step 1 - Adding a new Noah ES User

When adding a new user select the AAD entry that is now available under the “Login Method”

Step 2 - New Noah ES users will receive an email to confirm and set password

The Noah ES user will now receive an email to set their password. Even though the user will use AAD the account must first be set up with a local password. Once the password is set by the user the user account will be confirmed. The user will not use this password again as long as AAD is used.

The Noah ES User Experience

Now the user can start the Noah ES Client software, and select Noah ES US or Noah ES EU. The browser will open for authentication and ask for their email address

Once they click on Next the process will then continue with AAD and any rules and feature set up will continue as you have configured.

Switching current Noah ES users from the local system

If you have users that have used the local system it is possible to switch them to use AAD. To do so just edit the user to use the AAD login selection.

The next time the user logs into Noah ES they will use AAD.

If you wish to enforce this change right away you can first set the user to save AAD, Save. Then, deactivate the user, reselect the user and activate. This will force the user to authenticate again and AAD will now be used.

Q: If I do integrate AAD with Noah ES do all of my users have to make use of AAD

A: No