Setting up Single Sign On in FlourishDx
If you wish to use your Azure Active Directory (AAD) to enable Single Sign On (SSO) with FlourishDx, please submit a support request as we must enable this option for your account.
Once SSO has been enabled on your FlourishDx subscription, you will be able to manage the feature from your Admin Dashboard. Click on System, then Preferences, to change your settings. (You must be an Admin to see this dashboard)
When you select the ‘Single Sign On’ tab you will see a checkbox that enables or disables the SSO feature. Bear in mind that although you can switch SSO off at any time, any accounts that were created with only SSO access will not be available for use as they do not have a username/password option for login.
Once you enable SSO, you must enter your AAD Tenant Id and click Update to save the change. If you are unsure of your Tenant Id, please consult with your IT team for details.
You can also select whether you would like FlourishDx to automatically register new users with accounts. This feature will create accounts for all your users that sign in to FlourishDx, using the information we read from their profile. The only information we currently use is their first and last name and their email address.
Once you have configured your Tenant Id and selected how you want to manage new users, you need to give consent to FlourishDx to access the information required to successfully sign your users in.
Managing Consent
Before any users can make use of SSO, a Global Admin from your organisation will need to provide consent to allow your data to be shared with FlourishDx. Our app requests a few basic items including:
- First Name
- Last Name
- Roles (these are a list of Ids that have no meaning to us without context from your organisation. We ask for them in order to allow us to integrate deeper with you later)
The consent process is simple. Have a Global Admin follow this link, authenticate, and click the Accept button.
Signing in to FlourishDx
Once consent has been given, any user from your organisation can sign in to FlourishDx using the dedicated SSO route.
Please go to https://www.flourishdx.com/sso to sign in using SSO. The normal login process of entering your email and a FlourishDx-specific password will not work unless your account has both login features enabled.
Click the ‘Sign in with Microsoft’ button and you will be redirected to the Microsoft Online login process. Once you have authenticated with Microsoft, you will be redirected back to FlourishDx and have access to your account.
Signing in to FlourishingAtSchool
Once consent has been given, students from your school can sign in to Flourishing At School using the dedicated SSO route.
Please go to https://www.flourishingatschool.com/login to sign in using SSO. The normal login process of entering your email and a FlourishDx-specific password will not work unless your account has both login features enabled.
Click the ‘Sign in with Microsoft’ button and you will be redirected to the Microsoft Online login process. Once you have authenticated with Microsoft, you will be redirected back to FlourishDx and have access to your account.
Managing Access
You can restrict which of your users are allowed access to FlourishDx by changing the settings in your Azure AD Portal. Conditional Access and some other features may require premium tiers of AAD. Please consult your organisation’s IT team for further advice.