How to set up SSO with Azure AD in Lobbytrack

Lobbytrack allows employees to log in using their Single Sign-On (SSO) credentials registered with Azure Active Directory. This feature makes the workplace experience safer and more convenient as users do not need to remember yet another username and password to log into different apps they use at work. SSO also makes it easier to authorize or remove employees from Lobbytrack and other apps by simply adding them to or removing them from the SSO software the company is using.

  1. Log in to Lobbytrack.com and then go to the “profile icon” at the top right corner.

    Settings

  2. From the drop-down menu, click on “users”.

    Users

  3. Then click on “single sign on”.

    SSO

  4. Click on the toggle button to enable single sign on.

    Enable SSO

  5. Select the service provider as “Azure Active Directory”.

    Azure

  6. Scroll down and then click on the “Connect” button under the connection section.

    Connect

  7. You will see a pop-up box. Enter your Azure Active Directory account credentials. You need to enter the “Application(client) ID”, “Directory(tenant) ID” and the “Client Secret Value”. Then click on connect.

    Azure Account Info

In your Azure Active Directory account:

  1. Log in to the Azure portal and open Azure Active Directory

  2. Register Lobbytrack app

    1. Click on App registrations
    2. Click on New registration
    3. Enter a friendly name such as Lobbytrack
    4. Select the appropriate account type such as 'Accounts in this organization directory only'
    5. Click the Register button to save the application

  3. Add permissions

    1. From the application overview, click on API permissions
    2. Click on Add a permission
    3. Click on Microsoft Graph
    4. Click on Application permissions
    5. Search for 'User.Read.All', check the box and click the Add permissions button to save
    6. Return to the Azure Active Directory dashboard
    7. Click on Enterprise applications
    8. Click on the application you registered
    9. Click on Permissions
    10. Click on the Grant admin consent for 'org' button

  4. Generate secret

    1. Return to the Azure Active Directory dashboard
    2. Click on App registrations
    3. Click on the application you registered
    4. From the application overview, note the Application (Client) ID and Directory (Tenant) ID
    5. Click on 'Certificates & secrets'
    6. Add a new client secret with a description and expiration date
    7. Note the new secret's value

    5. Enter app credentials in Lobbytrack

    1. In Lobbytrack > Settings > Integrations > Active Directory, click the Connect button
    2. Enter the Azure AD Tenant ID, Client ID and Client Secret that you noted earlier
    3. Once connected, you can do a manual sync and/or configure Lobbytrack to sync automatically every few hours