Azure SSO for Browser

Good afternoon,

My company is currently in the process of implementing Kinetic ERP to our organization and I have been tasked with setting up Azure AD SSO. I have followed the steps listed here at the bottom of the page, but this seems to be for the application. I don’t have an application, I just access it from the browser and the majority of people will be accessing it that way. Is there any documentation on setting up Azure SSO for the browser version?

Thank you in advance.

Welcome @mackenziem!

The process is similar except you don’t do the .config changes locally. Are you managed by Epicor SaaS? Public Cloud?

Did you configure the Azure side yet?

Hi Mark,

Thanks for the response. I’m not sure how to tell, I was just given access to log in as Manager yesterday. I did create an 2 app registrations as the instructions specified and added those IDs along with my Tenant ID into the Azure Settings within the Epicor browser (or whatever it’s proper name is)

If I am able to, how would I change those .config files online?

If you are cloud, you’ll need to contact cloud services/support.

2 Likes

Like Kevin said, the cloud team has to make sure the application server you connect to has Azure AD enabled. You won’t have to do that. In older versions, it was a different URL but I think that changed in 2022.1+

1 Like

I’ve been working through this myself this week, and found that EpicCare has an article titled “Introducing Azure AD Authentication” (KB0039743) that explains which steps the customer can do and which steps the cloud team handles.

2 Likes

And as we mentioned previously, Microsoft has renamed Azure AD to Entra ID. It hasn’t changed any functionality, but companies (including Epicor) will have to update their documentation.

John Savill does a lot of great videos about Azure on YouTube. He did a recent one about people complaining about the rename and it’s worth a listen.

3 Likes

Yes, previously we complained that Azure AD is not AD. Now we don’t like name change :slight_smile:

2 Likes

When doing a SSO login, a Kinetic user in a web browser gets prompted for the “Tenant ID” on their first login (we’re on Public Cloud using Azure AD / Entra ID). Someday when they erase their browser cookies they are going to get asked for that again and will not remember what to enter. Is anyone aware of a way to help them with that? For example, if that could be inclued in an argument that I could append to the URL, I could publish that form of the URL.

image

As far as I know of, no. I just keep reminding them when they ask me.

Thanks, I guess I’ll do that. I plan to tell them to look carefully at the URL, they can see the number embedded in there.