Users whose ManageBac accounts are associated with Office 365 or Azure Active Directory (AD) can enable Single-Sign-On (SSO) via those applications if enabled by the school's ManageBac administrator.
Requesting Integration
Via Settings > Integrations > Partners
An admin on your account can request to enable either Login with Office 365 or Login with Azure Active Directory by navigating to Settings > Integrations > Partners, and clicking on Office 365 Single Sign-on.
Click Request Integration and confirm Yes in the pop-up prompt, to confirm your school's interest in enabling this feature. Below you will also find an example of what this will look like for your users when they attempt to login to ManageBac via Office 365 or Azure AD.
Once clicked, the button will change to Waiting for Integration and your Account Manager will be in touch within 1 business day to confirm your interest in enabling single sign-on. You can also find instructions on the right-hand side to understand how to configure the integration.
Enabling Login with Office 365
Once your subscription is confirmed, you can continue to configure enabling Single Sign-On with Office 365.
Step 1: Login to your Microsoft account
Login to Microsoft Azure and choose Azure Active Directory from the home screen.
Step 2: Add a new application

From the left panel navigate to App registration and click New registration.
Enter your Application Name (e.g. 'ManageBac - Faria International School'). Select Accounts in any organizational directory (Any Azure AD directory - Multitennant), then select Web for the Redirect URI and enter https://SUBDOMAIN.managebac.com/auth/microsoft_v2_auth/callback in the field next to Web type (replace SUBDOMAIN with your school's ManageBac domain).
Click Register to create your application.
Note: Schools with managebac.CN domains encountering difficulties using the Office 365 SSO option since August 27, 2018, need to change the redirect URI from .com to .cn and complete.
Add a Description for your secret, set the expiry date and click Add.
IMPORTANT: Copy the VALUE once the secret was added to paste into ManageBac. Once the changes have been saved on this page of Azure AD, you will no longer be able to copy the secret value.
Step 4: Enable on ManageBac

Logged in as an administrator on your ManageBac account, navigate to Settings > Integrations > Partners > Office 365 Single Sign-On, select Enabled and Office 365.
Paste your Secret Value (from the Certificates & Secrets of the application portal) into the Application Secret Password field.
From the Overview page copy and paste the Application (client) ID and Directory (tenant) ID into the Application (client) ID and Directory (tenant) ID fields on ManageBac. Click Save Changes.
Step 5: Enable for Mobile
Enable for iOS/macOS Apps
On the left panel of Microsoft Azure select Authentication, click Add a Platform and select iOS / macOS.
Use co.faria.mobilemanagebac
as the Bundle ID, click Configure and click Done.
.
Enable for Android Apps
On the Authentication page, click Add a Platform and select Android.
Use co.faria.mobilemanagebac
as the Package name, qDKNkciFKEb4GGQk016VnaGGEnk=
as the Signature hash, click Configure and click Done.
Step 6: Ensure Access Tokens & ID Tokens are enabled on Azure

Ensure that both Access Tokens and ID Tokens are enabled.
Step 7: Login

Users who are using an Office 356 account as their ManageBac emails will then be able to Sign-in with Office 365 on your school's ManageBac page.
Enabling Login with Azure AD
Once your subscription is confirmed, you can continue to configure enabling single sign-on with Azure Active Directory.
Step 1: Login to your Microsoft account
Login to Microsoft Azure and choose Azure Active Directory from the home screen.
Step 2: Add a new application

From the left panel navigate to App registration and click New registration.
Enter your Application Name (e.g. 'ManageBac - Faria International School'). Select Accounts in any organizational directory (Any Azure AD directory - Multitennant), then select Web for the Redirect URI and enter https://SUBDOMAIN.managebac.com/auth/azureactivedirectory/callback in the field next to Web type (replace SUBDOMAIN with your school's ManageBac domain).
Click Register to create your application.
Note: Schools with managebac.CN domains encountering difficulties using the O365 SSO option since August 27, 2018, need to change the redirect URL from .com to .cn and complete.
Step 4: Enable on ManageBac

Logged in as an administrator on your ManageBac account, navigate to Settings > Integrations > Partners > Office 365 Single Sign-On, select Enabled and Microsoft Azure AD.
From the Overview page copy and paste the Application (client) ID and Directory (tenant) ID into the Application (client) ID and Directory (tenant) ID fields on ManageBac. Click Save Changes.
Step 5: Enable for Mobile
Enable for iOS/macOS Apps
On the left panel of Microsoft Azure select Authentication, click Add a Platform and select iOS/macOS.
Use co.faria.mobilemanagebac
as the Bundle ID, click Configure and click Done.
Enable for Android Apps
On the Authentication page, click Add a Platform and select Android.
Use co.faria.mobilemanagebac
as the Package name, qDKNkciFKEb4GGQk016VnaGGEnk=
as the Signature hash, click Configure and click Done.
Step 6: Ensure Access Tokens & ID Tokens are enabled on Azure

Ensure that both Access Tokens and ID Tokens are enabled.
Step 7: Login

Users who are using an Azure AD account as their ManageBac email will then be able to Sign-in with Azure AD on your school's ManageBac page.
Frequently Asked Questions
Will logging out of ManageBac log me out of my Office 365 account?
Please note that logging out of ManageBac will not log you out of your Office 365 account. Therefore, we recommend using this service from your personal computer. If using a shared computer, ensure you log out of Office 365 entirely before ending your session.
Does enabling Login with Office 365 create new accounts or change emails of users on ManageBac?
No, it allows users whose ManageBac account is already associated with Office 365 to log in using Single Sign-On.
If a student changes a password for their Office 365 account, will it instantly sync for Single Sign-On, or will it take some time?
No sync of passwords is needed for Single Sign-On.
Does the Office 365 account have to come from the school or can any user with an Office 365 account login as long as their ManageBac email is associated with Office 365?
For Azure Active Directory, only users from the specified tenant for Office 365 can log in. For Office 365 alone, any accounts associated with Office 365 can log in using Single Sign-On as long as the email already exists on ManageBac.