Lobbytrack allows employees to log in using their Single Sign-On (SSO) credentials registered with Azure Active Directory. This feature makes the workplace experience safer and more convenient as users do not need to remember yet another username and password to log into different apps they use at work. SSO also makes it easier to authorize or remove employees from Lobbytrack and other apps by simply adding them to or removing them from the SSO software the company is using.

  1. Register Lobbytrack app in Azure Active Directory (Entra ID)
    1. Log in to the Azure portal and open Azure Active Directory (Entra ID)
    2. Click on App registrations
    3. Click on New registration
    4. Enter a friendly name such as Lobbytrack SSO
    5. Select the appropriate account type such as 'Accounts in this organization directory only'
    6. Configure the Redirect URI to use Web and enter the URL:
      https://www.lobbytrack.com/Account/LogIn/AzureAdLogInRedirect
    7. Click the Register button to save the application
    8. From the app overview, note the Application (Client) ID and Directory (Tenant) ID
  2. Add permissions
    1. Click on API permissions
    2. Click on Add a permission
    3. Click on Microsoft Graph
    4. Click on Application permissions
    5. Search for 'User.Read.All', check the box
    6. Click the Add permissions button to save
    7. You should see the following configured permissions:
      User.Read
      User.Read.All
    8. Click the Grant admin consent for 'org' button to grant access

  3. Generate secret

    1. Click on 'Certificates & secrets'
    2. Click on 'New client secret' button
    3. Add a new client secret with a description and expiration date
    4. Note the new secret's value
  4. Configure Single Sign On in Lobbytrack
    1. In Lobbytrack > Users, add a user account for each Active Directory user that will use Lobbytrack, using their Active Directory email
    2. Click on 'Single Sign On'
    3. Enable 'Single Sign On', select 'Azure Active Directory' and click the 'Connect' button
    4. Enter the Azure AD Tenant ID, Client ID and Client Secret that you noted earlier
    5. Users will then be able to log in to Lobbytrack using their Azure Active Directory credentials on Lobbytrack.com
    6. Optional: Add Lobbytrack tile to Microsoft My Apps dashboard
      See the 'How It Works' instructions found in Lobbytrack > Users > SSO which will display your custom URL.