ZuluDesk lets you enroll users from Microsoft Azure into ZuluDesk via an automated process by presenting a web clip onto the users device. This web clip enables authentication through Microsoft Azure, importing the user into ZuluDesk and linking the Azure account with the used iPad.
Microsoft Azure ZMS implementation and setup details:
Step 1: Azure->Login
Login with your Azure Admin account.
Step 2: Azure->Active Directory: Create Application for ZMS
Within the Azure Active Directory folder create an application named ZMS.
App Registrations > New application registration
Name > ZMS
Application type: Web app / API
Do one or more of the following:
(Automated Device Enrollment only): "https://manage.zuludesk.com/onboarding/oauth"
(On-device enrollment only): "https://manage.zuludesk.com/enroll/oauth"
(Web clip only): "https://manage.zuludesk.com/link.html"
Select your application, find the Application ID and copy it to the clipboard.
Generate a key, click Certificates and Keys and create a new client secret, give it a name and copy the key. The key will be displayed when these settings are saved. Copy the key to the clipboard, once you leave the page the key wil not be visible.
Some information after completing the creation of the app, is needed in the following steps.
After creating the application please make a note of the endpoints which are automatically created. You can expose the endpoints by going back to the “App Registrations” and click on the “Endpoints” button on the top of the view.
Please copy the following endpoints to the clipboard:
- OAuth 2.0 Token Endpoint (v1).
- OAuth 2.0 Authorization Endpoint (v1)
Step 3: Apply settings in ZuluDesk
Apply the Microsoft Azure settings in ZuluDesk via Organization->Settings->Authentication. Setting the Authentication Method to Microsoft Azure, enables you to enter the appropriate values.
Key: Application Client Id, found in the Azure Application configuration.
Secret: Application Secret, generated after setting a key and saving the Azure application.
Authorization Endpoint: Application Endpoint, exposed when viewing the Azure application Endpoints.
Token Endpoint: Application Endpoint, exposed when viewing the Azure application Endpoints.
Microsoft Azure Device and user Flow:
Step 1: Special Microsoft Azure web clip on user device
When a user starts with a new device and the device has not yet been linked / associated with a user, the device will show a web clip that the user can activate. This enables the user to authenticate via Microsoft Azure.
- Step 2: Select Microsoft Account
After clicking the web clip the user is redirected to Microsoft Azure. This enables the user to login
- Step 3: ZMS Sign in permission
Accept the ZMS sign in and read your profile message.
- Step 4: ZMS Message
After a successful login the user is registered in ZuluDesk ZMS and linked to the device.