AssetAccountant supports logging in with verified integration partner accounts, including Microsoft.
SSO via OpenID Connect is supported and AssetAccountant can support any standard OpenID Connect provider.
Configuration is required for these custom OpenID Connect setups, which is offered on a customer by customer basis.
In addition, public Microsoft Entra ID (Azure AD) OpenID Connect login is available for all AssetAccountant subscribers.
The most commonly used SSO setup with AssetAccountant is our standard AzureAD Authentication.
This is our standard multi-tenant setup which will allow any AzureAD account to connect to AssetAccountant. This will be subject to the security policy defined by your AD policy (this security policy is not controlled by us in any way).
This video explains the process and possible permissions required from your IT department:
If you require assistance from AssetAccountant:
If you can't get this to work, it is most likely because of restrictions enforced by your IT department.
Please liaise with them in the first instance.
Then, if you or your IT team require assistance setting up an Azure AD Enterprise App, require the 'forcing' of SSO for your domain, or would like individual consultation to assist setting up SSO for your organisation, please contact us to make an appointment.
Appointments must be pre-arranged and will be invoiced in advance at $250/hour (1 hour minimum).
MORE OPTIONS:
Enforced Asset Accountant AzureAD Authentication
This is essentially the same as the set up described above with the addition that we can force SSO for a domain. I.e. if the users from somedomain.com try to log in using email/password authentication they will be redirected to AzureAD authentication.
This configuration on our identity server comes with an additional subscription charge.
Custom SSO Authentication
This is a custom solution which could either be a custom AzureAD SSO solution (i.e. if the options above are not suitable ) or any other suitable OpenIDConnect/OAuth provider.
While AssetAccountant does offer email/password authentication as standard, for any custom OpenID Connect setup SSO can be forced. I.e. if SSO is configured for an AssetAccountant subscriber, the individual users can use SSO or email/password or the email/password authentication can be disabled entirely and force SSO.
These customizations require reasonably significant configuration both on identity server and by the customer in their SSO provider (for AzureAD these are changes on the customers Azure tenant) and we'd need to understand this in more detail to give you an accurate quotation for adding these SSO services.