AssetAccountant supports logging in with verified integration partner accounts, including Microsoft Entra ID (previously known as Azure AD).


SSO via OpenID Connect is supported and AssetAccountant can support any standard OpenID Connect provider.


Configuration is required for these custom OpenID Connect setups, which are offered on a customer by customer basis.


In addition, public Microsoft Entra ID (Azure AD) OpenID Connect login is available for all AssetAccountant subscribers.


The most commonly used SSO setup with AssetAccountant is our standard Entra ID Authentication.


This is our standard multi-tenant setup which will allow any Entra ID account to connect to AssetAccountant. This will be subject to the security policy defined by your organisation login policy (this security policy is not controlled by us in any way).


This video explains the process and possible permissions required from your IT department:


https://www.videos.asset.accountant/videos/single-sign-on-sso-microsoft-azure-active-directory/


If you require assistance from AssetAccountant:

If you can't get this to work, it is most likely because of restrictions enforced by your IT department.

Please liaise with them in the first instance.

Then, if you or your IT team require assistance setting up an Azure Enterprise App, require the 'forcing' of SSO for your domain, or would like individual consultation to assist setting up SSO for your organisation, please contact us to make an appointment.

Appointments must be pre-arranged and will be invoiced in advance at $250/hour (1 hour minimum).

MORE OPTIONS:

Enforced Asset Accountant SSO Authentication

This is essentially the same as the set up described above with the addition that we can force SSO for a domain. I.e. if the users from somedomain.com try to log in using email/password authentication they will be redirected to Entra ID authentication, or some other SSO provider.

This configuration on our identity server comes with an additional subscription charge.


Custom SSO Authentication


This is a custom solution which could either be a custom Entra ID SSO solution (i.e. if the options above are not suitable ) or any other suitable OpenIDConnect/OAuth provider.


While AssetAccountant does offer email/password authentication as standard, for any custom OpenID Connect setup SSO can be forced. I.e. if SSO is configured for an AssetAccountant subscriber, the individual users can use SSO or email/password or the email/password authentication can be disabled entirely and force SSO.


These customizations require reasonably significant configuration both on identity server and by the customer in their SSO provider (for Entra ID these are changes on the customers Azure tenant) and we'd need to understand this in more detail to give you an accurate quotation for adding these SSO services.