Integrations and Partners

AppStore Directory and Identify Connectors
  1. ManageBac
  2. ManageBac
  3. Integrations

Enabling Login with Microsoft & Azure Active Directory (Single Sign-on)

Curriculum & Roles  Admin  Office 365 & Azure
Index

Users whose ManageBac accounts are associated with Microsoft or Azure Active Directory (AD) can enable Single-Sign-On (SSO) via those applications if enabled by the school's ManageBac administrator.

 

Requesting Integration

Via Settings > Integrations > Partners

An admin on your account can request to enable either Login with Office 365 or Login with Azure Active Directory by navigating to Settings > Integrations > Partners, and clicking on Microsoft Single Sign-on.

2023-06-12_14-41-30.png

Click Request Integration and confirm Yes in the pop-up prompt, to confirm your school's interest in enabling this feature. Below you will also find an example of what this will look like for your users when they attempt to login to ManageBac via Microsoft or Azure AD.

2023-06-12_14-49-24.png

Once clicked, the button will change to Waiting for Integration and your Account Manager will be in touch within 1 business day to confirm your interest in enabling single sign-on. You can also find instructions on the right-hand side to understand how to configure the integration. 

2021-12-21_19-16-41.png

 

Enabling Login with Microsoft and Azure AD

Once your subscription is confirmed, you can continue to configure enabling single sign-on with Azure Active Directory. 

Step 1: Login to your Microsoft account

Login to Microsoft Azure and choose Azure Active Directory from the home screen.

 

Step 2: Add a new application

2021-12-21_19-21-43.png

From the left panel navigate to App registration and click New registration.

2023-10-27_16-35-01.jpg

Enter your Application Name (e.g. 'ManageBac - Faria International School'). Select Accounts in any organizational directory (Any Azure AD directory - Multitennant), then select Web for the Redirect URI and enter https://SUBDOMAIN.managebac.com/auth/azureactivedirectory in the field next to Web type (replace SUBDOMAIN with your school's ManageBac domain). 

Click Register to create your application. 

Note: Schools with managebac.CN domains encountering difficulties using the O365 SSO option since August 27, 2018, need to change the redirect URL from .com to .cn and complete.

 

Step 3: Enable on ManageBac

2023-06-12_14-41-56.png

Logged in as an administrator on your ManageBac account, navigate to Settings > Integrations > Partners >  Microsoft, select Edit to customise the integration.

2021-12-21_19-49-25.png

From the Overview page copy and paste the Application (client) ID  and Directory (tenant) ID into the Application (client) ID and Directory (tenant) ID fields on ManageBac.

2023-06-14_13-10-38.png

Click Save Changes

 

Step 4: Enable for Mobile Apps

Enable for iOS/macOS Apps

2021-12-21_19-53-14.png

On the left panel of Microsoft Azure select Authentication, click Add a Platform and select iOS/macOS.

2021-12-21_19-55-04.png

Use co.faria.mobilemanagebac as the Bundle ID, click Configure and click Done.

 

Enable for Android Apps

 

2021-12-21_19-53-14.png

On the Authentication page, click Add a Platform and select Android.

2023-09-19_18-11-07.png

Use co.faria.mobilemanagebac as the Package name, zSYcr+Jl98M38cUv7Kq7kzsN38A= as the Signature hash, click Configure and click Done.

 

Step 5: Ensure Access Tokens & ID Tokens are enabled on Azure

2021-12-21_20-08-58.png

Ensure that both Access Tokens and ID Tokens are enabled.

 

Step 6: Log in

2023-06-12_14-44-21.png

Users who are using an Microsoft or Azure AD account as their ManageBac email will then be able to Sign-in with Microsoft on your school's ManageBac page.

 

Frequently Asked Questions

Will logging out of ManageBac log me out of my Microsoft account?

Please note that logging out of ManageBac will not log you out of your Microsoft account. Therefore, we recommend using this service from your personal computer. If using a shared computer, ensure you log out of Microsoft entirely before ending your session.

Does enabling Login with Microsoft create new accounts or change emails of users on ManageBac?

No, it allows users whose ManageBac account is already associated with Microsoft to log in using Single Sign-On.  

If a student changes a password for their Microsoft account, will it instantly sync for Single Sign-On, or will it take some time?

No sync of passwords is needed for Single Sign-On.

Does the Microsoft account have to come from the school or can any user with an Microsoft account login as long as their ManageBac email is associated with Microsoft?

For Azure Active Directory, only users from the specified tenant for Microsoft can log in. For Microsoft alone, any accounts associated with Microsoft can log in using Single Sign-On as long as the email already exists on ManageBac.

Was this article helpful?
0 out of 0 found this helpful

Menu