Customers who wish to configure their Azure Active Directory for SSO will need to take a few steps to do so.
If a user has SSO enabled, they will only be able to login using SSO.
This article will walk you through the system requirements and process of configuring your Azure Active Directory with Limble for SSO login.
(Note: SSO is only available to Enterprise customers for an additional fee. To upgrade your account or learn more, reach out to our support team.)
Table of Contents
Limble SSO usernames are always email addresses.
Limble does not support active directory accounts without email addresses attached.
Azure active directory users must have at least a first and last name in their profile.
Step 1: Enable SSO in Limble
Login to Limble and go to Settings > Manage SSO.
Select “Azure Active Directory” from the dropdown list.
Click “Enable SSO.”
Step 2: Enable SSO with an Azure Administrator in Limble
If you have an account with an Azure Admin email already in Limble, navigate to the Manage Users page from the navigation menu.
Next to the user, click the hands icon to enable SSO for that account.
If you don’t have a Limble account with a Azure Admin email, create one by clicking “Add User.”
Step 3: Login into Limble with the Azure Admin and Consent to SSO
Sign into Limble with the Azure Admin account.
Enter the admin email and when prompted click “Consent on behalf of your organization” and “Accept.” This allows Azure to authenticate your users.
Step 4, Option 1: Automatic Provisioning
If you are using SCIM for automatic provisioning (recommended), please see that guide.
This allows Limble to mirror the users and groups you’ve assigned to Limble in Azure.
Add a new user in Azure, assign them to a Limble group (e.g, workshop-technicians) in Azure. They will then have credentials and permissions in Limble. Deleting and editing users will also sync between the systems.
(Note: In order for automatic provisioning to work correctly, users must be part of a group in Azure.)
Step 4, Option 2: Manually Sync Users (Not Recommended)
If you manually set up Limble users, you will be responsible for keeping users in sync between Limble and Azure, which is why we do not recommend this. If you desire to manually sync users, make sure that Azure UPN and Limble username match up. Otherwise, SSO will not work.
Login to Azure.
Click “Enterprise Applications.”
Find LimbleCMMS, which will appear due to consenting in step 3.
Under LimbleCMMS, add the Active Directory users you want to access Limble.
In Limble, on the Manage Users page, enable SSO or add users with SSO enabled for each of these Active Directory users.
(Note: usernames in Limble must match their Active Directory UPN, or user principal name. If you enable SSO without matching these, that user may be unable to login to Limble. After their first login, their username may differ.)
After completing this guide, any users who have SSO enabled will receive a welcome email with instructions for logging in with SSO.