Integrations and Partners

AppStore Directory and Identify Connectors
  1. ManageBac
  2. Integrations

Enabling Login with Office 365 & Azure Active Directory (Single Sign-on)

Curriculum & Roles  Admin  Office 365 & Azure
Index

Users whose ManageBac accounts are associated with Office 365 or Azure Active Directory (AD) can enable Single-Sign-On (SSO) via those applications if enabled by the school's ManageBac administrator.

 

Requesting Integration

Via Settings > Integrations > Partners

An admin on your account can request to enable either Login with Office 365 or Login with Azure Active Directory by navigating to Settings > Integrations > Partners, and clicking on Office 365 Single Sign-on.

2021-12-21_19-11-37.png

Click Request Integration and confirm Yes in the pop-up prompt, to confirm your school's interest in enabling this feature. Below you will also find an example of what this will look like for your users when they attempt to login to ManageBac via Office 365 or Azure AD.

2021-12-21_19-14-25.png

Once clicked, the button will change to Waiting for Integration and your Account Manager will be in touch within 1 business day to confirm your interest in enabling single sign-on. You can also find instructions on the right-hand side to understand how to configure the integration. 

2021-12-21_19-16-41.png

 

Enabling Login with Office 365

Once your subscription is confirmed, you can continue to configure enabling Single Sign-On with Office 365. 

Step 1: Login to your Microsoft account

Login to Microsoft Azure and choose Azure Active Directory from the home screen.

 

Step 2: Add a new application

 

2021-12-21_19-21-43.png

From the left panel navigate to App registration and click New registration.

2021-12-21_19-25-42.png

Enter your Application Name (e.g. 'ManageBac - Faria International School'). Select Accounts in any organizational directory (Any Azure AD directory - Multitennant), then select Web for the Redirect URI and enter https://SUBDOMAIN.managebac.com/auth/microsoft_v2_auth/callback in the field next to Web type (replace SUBDOMAIN with your school's ManageBac domain). 

Click Register to create your application. 

Note: Schools with managebac.CN domains encountering difficulties using the Office 365 SSO option since August 27, 2018, need to change the redirect URI from .com to .cn and complete.

 

Step 3: Generate a New Password

2021-12-21_19-32-13.png

Via Certificates & secrets, click New client secret

2021-12-21_19-37-05.png2021-12-21_19-39-14.png

Add a Description for your secret, set the expiry date and click Add

IMPORTANT: Copy the VALUE once the secret was added to paste into ManageBac. Once the changes have been saved on this page of Azure AD, you will no longer be able to copy the secret value.

 

Step 4: Enable on ManageBac

2021-12-22_16-29-19.png

Logged in as an administrator on your ManageBac account, navigate to Settings > Integrations > Partners >  Office 365 Single Sign-On, select Enabled and Office 365.

2021-12-21_19-47-02.png

Paste your Secret Value (from the Certificates & Secrets of the application portal) into the Application Secret Password field.

2021-12-21_19-49-25.png

From the Overview page copy and paste the Application (client) ID  and Directory (tenant) ID into the Application (client) ID and Directory (tenant) ID fields on ManageBac. Click Save Changes

 

Step 5: Enable for Mobile 

Enable for iOS/macOS Apps

 

2021-12-21_19-53-14.png

On the left panel of Microsoft Azure select Authentication, click Add a Platform and select iOS / macOS.

2021-12-21_19-55-04.png

Use co.faria.mobilemanagebac as the Bundle ID, click Configure and click Done.

Enable for Android Apps

 

2021-12-21_19-53-14.png

 

On the Authentication page, click Add a Platform and select Android.

 

2021-12-21_20-05-05.png

Use co.faria.mobilemanagebac as the Package name, qDKNkciFKEb4GGQk016VnaGGEnk= as the Signature hash, click Configure and click Done.

 

Step 6: Ensure Access Tokens & ID Tokens are enabled on Azure

2021-12-21_20-08-58.png

 

Ensure that both Access Tokens and ID Tokens are enabled.

 

Step 7: Login

2021-12-21_20-12-08.png

Users who are using an Office 356 account as their ManageBac emails will then be able to Sign-in with Office 365 on your school's ManageBac page.

 

Enabling Login with Azure AD

Once your subscription is confirmed, you can continue to configure enabling single sign-on with Azure Active Directory. 

Step 1: Login to your Microsoft account

Login to Microsoft Azure and choose Azure Active Directory from the home screen.

 

Step 2: Add a new application

 

2021-12-21_19-21-43.png

From the left panel navigate to App registration and click New registration.

 

2021-12-21_19-25-42.png

Enter your Application Name (e.g. 'ManageBac - Faria International School'). Select Accounts in any organizational directory (Any Azure AD directory - Multitennant), then select Web for the Redirect URI and enter https://SUBDOMAIN.managebac.com/auth/azureactivedirectory/callback in the field next to Web type (replace SUBDOMAIN with your school's ManageBac domain). 

Click Register to create your application. 

Note: Schools with managebac.CN domains encountering difficulties using the O365 SSO option since August 27, 2018, need to change the redirect URL from .com to .cn and complete.

 

Step 4: Enable on ManageBac

2021-12-22_16-29-25.png

Logged in as an administrator on your ManageBac account, navigate to Settings > Integrations > Partners >  Office 365 Single Sign-On, select Enabled and Microsoft Azure AD.

2021-12-21_19-49-25.png

From the Overview page copy and paste the Application (client) ID  and Directory (tenant) ID into the Application (client) ID and Directory (tenant) ID fields on ManageBac. Click Save Changes

 

Step 5: Enable for Mobile 

Enable for iOS/macOS Apps

2021-12-21_19-53-14.png

On the left panel of Microsoft Azure select Authentication, click Add a Platform and select iOS/macOS.

2021-12-21_19-55-04.png

Use co.faria.mobilemanagebac as the Bundle ID, click Configure and click Done.

 

Enable for Android Apps

 

2021-12-21_19-53-14.png

On the Authentication page, click Add a Platform and select Android.

2021-12-21_20-05-05.png

Use co.faria.mobilemanagebac as the Package name, qDKNkciFKEb4GGQk016VnaGGEnk= as the Signature hash, click Configure and click Done.

 

Step 6: Ensure Access Tokens & ID Tokens are enabled on Azure

2021-12-21_20-08-58.png

Ensure that both Access Tokens and ID Tokens are enabled.

 

Step 7: Login

2021-12-21_20-31-24.png

Users who are using an Azure AD account as their ManageBac email will then be able to Sign-in with Azure AD on your school's ManageBac page.

 

Frequently Asked Questions

Will logging out of ManageBac log me out of my Office 365 account?

Please note that logging out of ManageBac will not log you out of your Office 365 account. Therefore, we recommend using this service from your personal computer. If using a shared computer, ensure you log out of Office 365 entirely before ending your session.

Does enabling Login with Office 365 create new accounts or change emails of users on ManageBac?

No, it allows users whose ManageBac account is already associated with Office 365 to log in using Single Sign-On.  

If a student changes a password for their Office 365 account, will it instantly sync for Single Sign-On, or will it take some time?

No sync of passwords is needed for Single Sign-On.

Does the Office 365 account have to come from the school or can any user with an Office 365 account login as long as their ManageBac email is associated with Office 365?

For Azure Active Directory, only users from the specified tenant for Office 365 can log in. For Office 365 alone, any accounts associated with Office 365 can log in using Single Sign-On as long as the email already exists on ManageBac.

Was this article helpful?
0 out of 0 found this helpful

Menu