OpenID Directories (Administration)

The OpenID Directories screen allows for adding a remote user directory login provider such as Azure Active Directory.

For adding and editing directories details contact support@amsterdamsoftware.com

For more information on setup and mapping FBO One accounts to directory accounts see Azure Active Directory - Setup for mapping directory users for login

Contents:

Functions

The OpenID Directories page allows for the following functions:

  • Manage and map directory users to FBO One users: Mapping directory users to existing FBO One users to allow directory login credentials to be linked to the FBO One user.

  • Disable FBO One IP whitelist check: Allow users to access FBO One directory login from outside of the IP whitelist. Note: Traditional FBO One login credentials are unaffected and cannot be used when outside the IP whitelist. See IP whitelist (Administration) and IPWhiteListEnabled.

  • Disable FBO One login for users: Disable FBO One native login for users, forcing directory login only.

OpenID Connect Directories (such as Azure Active Directory login providers)

Defines a remote login provider such as Azure Active Directory.

Note: Currently Azure Active Directory integration is supported.

Columns

  • Name: The name of the directory. Added by support

  • Client ID: The ‘Application (client) ID’ found in Azure Active Directory for this directory. Added by support

  • Authority: The URL for the directory login. Note: The {0} will be replaced by the Tenant ID value. Added by support

  • Tenant ID: The 'Tenant ID’ found in Azure Active Directory for this directory. Added by support

  • Enabled for FBO One login: If ‘Yes’ then the directory can be used for FBO One login and is displayed on the login page below the native FBO One login. If ‘No’ then the directory is disabled for user login.

  • Enable FBO One IP Whitelist check: If ‘No’, allows login through the directory for the user if accessing FBO One from outside the IP whitelist set in FBO One. If inside the IP whitelist the traditional login will show alongside. If ‘Yes’ this IP whitelist is checked for the directory login, with users only allowed to login when accessing FBO One from within the IP whitelist. See IP whitelist (Administration).

Fields

  • Enabled for FBO One login: Checkbox defining if the directory is available for login.

  • Enable FBO One IP Whitelist check: Checkbox defining if FBO One IP white list is still checked when directory login is used. See IP whitelist (Administration).

Mapping of FBO One user on external directory user

This table allows mapping FBO One users to directory users for the selected directory from the ‘OpenID Connect Directories’ table above.

This table will populate users if mapping occurs in the Users (Administration) page on the 'OpenID Directory User Account' table for the user.

Columns

  • Directory: The directory for this mapping, selected in the ‘OpenID Connect Directories’ table.

  • FBO One user: The FBO One user name and full name.

  • Directory user: The directory user name linked to be mapped to the FBO One user.

  • Enabled: If ‘Yes’ the directory mapping is enabled. If not enabled, the directory user cannot login. Equivalent to deleting this record.

  • Allow FBO One credentials: If ‘Yes’, the traditional FBO One login details for the mapped user will still be available. If ‘No’ only the directory user and login can be used for the mapped FBO One user.

Fields

  • FBO One user: Drop down of all FBO One users.

  • Directory user: Free text for adding the directory user name. Note: This should be added as shown in the ‘User principal name’ for the user on Azure.

  • Enabled: Checkbox defining if this directory mapping is enabled.

  • Allow FBO One credentials: Checkbox defining if the FBO One user credentials can still be used.