Starting Feb 21st, 2023, Testfully customers on the Premium plan can benefit from the native integration between Testfully and Microsoft Azure Active Directory. This integration enables our customers to use Microsoft Azure AD as Identity Provider for Single Sign On. Once SSO via Azure AD is enabled for your workspace, your colleagues can only use Microsoft Azure AD to access your workspace in Testfully.
Single Sign On using Azure Active Directory
Testfully integrates with Microsoft Azure Active Directory (AD) service using the latest version of industry-standard OpenID (OIDC) Protocol, which Microsoft natively supports. The integration between Testfully and Microsoft follows the multi-tenant architecture, enabling our customers to install Testfully’s app via Microsoft Azure Active Directory App Gallery. Furthermore, Testfully is a Verified Publisher with Microsoft, and our app is being reviewed and approved by Microsoft as part of the integration process. Azure AD implementation follows our integration pattern with other leading Identity Providers, including Okta and Google.
Requested Permissions
When integrating your Identity Provider with a SaaS service, it’s essential to understand what user data & permissions the SaaS provider requests. Testfully requires a minimum amount of information to enable the Azure AD SSO. Therefore, the requested permissions are limited to openid, email and userinfo. Via the mentioned permissions, we identify users via their name and email address within your organization.
Features & Roadmap
The table below lists current and upcoming features related to Single Sign On via Microsoft Azure AD.
| Feature | Description | Status |
|---|---|---|
| Single Sign On | Workspace users can sign in using a Microsoft Azure AD account. | Supported |
| Strict SSO | Access to a workspace is permitted only using a Microsoft Azure AD account. | Supported |
| Auto join | New users can join your workspace using a Microsoft Azure AD account Disabled by default. | Coming Soon |
| SCIM | Testfully integrates with Microsoft via SCIM to sync users & roles. | Coming Soon |
Licensing
Single Sign-On via Microsoft Azure AD is available only for customers on the Premium plan. If you’re still evaluating Testfully and would like to try out the Microsoft Azure AD integration, please get in touch with us to enable this feature for your organization.
Requirements
To successfully enable the integration between Testfully and Microsoft Azure AD, please make sure your company meets the following requirements:
- Your company is currently using Microsoft Azure AD as an identity provider.
- You have sufficient permissions to install a new app via Microsoft Azure Active Directory App Gallery.
Set up SSO via Microsoft Azure AD
Please follow the steps below to install Testfully’s app via the Microsoft Azure Active Directory App Gallery.
- Open the Microsoft Azure portal and go to the Microsoft Azure Active Directory section.
- Make sure that the correct tenant is active. You can switch between Azure AD tenants via the “Manage tenants” menu.
- On this screen, copy the value of the “Tenant ID”.
- Click on the “Add” menu and then on the “Enterprise application” submenu.
- The “Azure AD Gallery” opens for you. Please search for “Testfully” and click on the Testfully icon on this screen.
- Click “Create” to add Testfully’s app to your Azure AD tenant.
- You will be redirected to the Overview screen of Testfully’s app; ** please copy the value of the Application ID.**
- Please email the values of both the Tenant ID and the Application ID fields to
support@testfully.io. The support team at Testfully completes the set-up.
Single Sign On via Microsoft Azure AD
Signing in to a Testfully workspace via Microsoft Azure AD is as simple as following the below steps:
-
Open Testfully’s web app via app.testfully.io or open Testfully’s desktop app
-
On the sign-in screen, click on the Microsoft Azure AD logo
-
Enter your work email address, and click on the Continue button
-
Testfully redirects you to the Microsoft website for authentication
-
Once the process is completed, Microsoft redirects you back to the Testfully app
-
Testfully completes the authentication handshake and redirects you to the requested workspace
Troubleshooting information
While using Microsoft Azure AD as your identity provider, Testfully may return the following errors. We have explained what each error means:
Azure Active Directory login is not available for provided email address
A user may receive the Azure Active Directory login is not available for provided email address error message while trying to log in to a Testfully workspace using Microsoft Azure AD. This usually means:
- The workspace is not configured to use Microsoft Azure AD as the identity provider
To fix this issue, subscribe to the premium plan and install Testfully’s app in your Microsoft Azure AD tenant.
AZURE_AD_SSO_REQUIRED
A user may receive the AZURE_AD_SSO_REQUIRED error while using an authentication method other than Azure AD. This means:
- The workspace is configured to use Microsoft Azure AD, and other authentication mechanisms are disabled
The user should use Microsoft Azure AD for authentication to fix this issue.
Support
Testfully’s integration with Microsoft Azure AD is being tested by both Testfully and Microsoft. If you’re facing issues while installing Testfully’s app or accessing your Testfully workspace using Microsoft Azure AD, please get in touch with us via support@testfully.io.