SSO
SSO enables organizations to use their corporate identity provider to authenticate users. Currently supported SSO provides include:
- Azure AD
To request support for additional SSO providers, please contact Seek support.
Azure Active Directory
Register Seek with Azure AD
Register an application in your Azure tenant using these instructions.
Seek's callback url to use for the Azure app's redirect URI is https://seek-prd.us.auth0.com/login/callback.
Configure Azure App Permissions
Configure permissions for the Azure app - see Microsoft's quickstart here.
- Use Delegated Permissions
- Seek requires the following permissions:
Group.Read.AllGroupMember.Read.AllUser.ReadDirectory.Read.AllDirectory.AccessAsUser.Allemailoffline_accessopenidprofile
Communicate Setup to Seek
Provide the following information back to your Seek contact:
Azure Details
- Microsoft Azure AD Domain
- Azure App Client ID
- Azure App Secret
IDP Group Mapping
- Provide the group names that should be mapped to Seek roles: Admin, Engineer, Consumer
- Multiple groups can map to the same role
Using IDP Groups for Permissions
If you have SSO enabled, you will be able to add groups from your IDP directly to a team in Insight Cloud. This will allow you to manage permissions in Insight Cloud based on your existing active directory group structure.
- Create a Team in Insight Cloud
- Add the Azure AD group to the Team
- Assign permissions to the Team
- When users who are a member of that AD group log in, they will have access to the permissions assigned to the Team
Read more about manging Teams in Insight Cloud here.