06 August 2019
- Last edited 29 January 2020
When using a Azure environment an administrator of the Azure domain can authorize an application to access user data on behalf of users in the Azure domain.
Scanshare v4.10 adds support for Azure for the SSO integration, just like the existing AD integration, and for tenant wide access over OneDrive for business user accounts.
In order to allow Scanshare access OneDrive for Business user data, an administrator of the Azure tenant must complete the following steps:
Go to Scanshare user section and click "User Single Sign On":
In the next dialog click + and as profile "Type" select "Azure": In this dialog you can insert:
The name of the profile
The Type of the profile (obviously Azure)
The Domain of the Azure tenant
The Username authentication only is obviously enabled and it is not possible to disable it because after this operation it will be possible to log in only with the username.
Enable or Disable the Request OneDrive tenant access, It is possible to connect all OneDrive for Business users without making the OAuth configuration for each user. Only the Azure administrator user will do the OAuth for everyone.
If "Request OneDrive tenant access" is disabled: here you will need to insert the credentials of your Azure administrator and click "Next"
You will now be given information on the permissions that you are about to provide to the Scanshare application before accepting them:
If "Request OneDrive tenant access" is enabled:
Also in this case after insert the Azure admin credential, you will now be given information on the permissions that you are about to provide to the Scanshare application before accepting them:
After accepting the permissions required for the organization, you will have access to the Azure AD and if you also enable the "Request OneDrive tenant access" all users in the organization can use OneDrive for Business without creating OAuth profiles for each one: simply by enabling the "Use admin consent" field.