In today’s blog post we are going to explore some of the capabilities of Azure working together with Acumatica to provide an easy to use and secure way to log into Acumatica.
You can use Azure Active Directory (Azure AD) as your identity provider for single sign on into Acumatica. But beyond that, we are going to take a look at some of the capabilities of Conditional Access, a feature of Azure Active Directory Premium P1.
Conditional Access allows you to enforce specific rules for authentication based on a number of criteria. Using this tool you can determine whether or not a login should be allowed, denied or prompted for two factor authentication depending on the risk level of the sign in request.
Conditional Access policies can apply to specific application registrations within Azure. This way you can selectively enforce MFA for a specific application, for specific users, in specific scenarios.
Once you have set up your AAD integrated login per the steps here , open your Azure Portal
Open Azure Active Directory – Security – Conditional Access
- Create a new policy, assign users or groups:
- Associate the Acumatica app registration:
- Exempt logins from trusted devices, locations, etc if desired
- Prompt for MFA
Conditional Access requires an Azure AD Premium P1 SKU assigned to the user which is included with Microsoft 365 E3 and E5, EMS SKUs or can be purchased ala carte.
Depending on the option you have configured for your Azure AD account, the two factor authentication challenge could come as a text message or push notification to the Microsoft Authenticator app on your phone. Azure takes care of the validation, then passes a token to Acumatica, allowing you to log in.
Using Azure authentication, you have a unified login history available in the Azure portal, by user or by app registration:
How are you purchasing your Office 365 licensing currently? If you are purchasing directly from Microsoft, you are not getting the full value of your investment. Crestwood is a gold certified cloud partner with Microsoft and we provide licensing and guidance for the full Office 365 product suite contact us for a consultation.