How to configure Microsoft SSO

This article is aimed at those enterprises who wish to use Microsoft SSO with RealWear Cloud. This article covers the standard method of logging in with SSO and also explains what to do if you have advanced controls enabled inside the Azure AD tenant

Microsoft makes single sign-on (SSO) free for all Azure AD customers -  MSPoweruser

Normally the Microsoft Single Sign-On is automatically configured when a registered user of both a Microsoft Enterprise Azure AD and RealWear Cloud* tries to sign in to RealWear Cloud using the 'Sign in With Microsoft' button at https://cloud.realwear.com 

*the first user of the Microsoft tenant must have registered other users inside RealWear Cloud (we'll explain more about this later). See below - Registering Users for RealWear Cloud

To use Microsoft SSO you must already be registered with RealWear Cloud.

If you are already registered you can attempt to sign in using your Microsoft Credentials. Click the blue 'sign in with Microsoft' button.

You should be presented with a Microsoft Sign In page.

Enter your Azure AD details (your work / enterprise login credentials)

Once completed, you'll be greeted with a Microsoft Screen to grant the relevant permissions.

By accepting this screen you are agreeing to grant RealWear Cloud the following permissions:

API / Permission:
Microsoft Graph
User.Read, Delegated Access,

Email, OpenID, Profile

Once accepted, you'll be taken to your workspace dashboard.

 

Advanced Enterprise Application Security

Depending on the setup of your enterprise, your Azure Administrator may be the person who has to grant permissions. If this is the case you'll be greeted with the following screen, to move past this screen you must contact your Azure AD Administrator to grant the permissions inside the Azure Portal. 
Advise them to visit https://portal.azure.com
Azure Active Directory
Enterprise applications (from the left hand blade)
Find the application listed as RealWear Cloud > Select it
Tap permissions from the new left hand blade
From the permissions screen tap the blue button to grant the consent for the app to connect. Your admin may need to login to pass this step.

Once complete, future permissions will be granted for any users you wish to invite to RealWear Cloud.

Register your users inside RealWear Cloud.

Step 1: Sign in using the standard method for RealWear Cloud.

On https://cloud.realwear.com
Enter your Workspace Name
Enter your email address
Enter your Password.
Click 'Sign In'

Step 2: Click Users on the left hand side

Click the black plus next to invites 

Enter details and repeat for each user you want to add. Role descriptors are available here: https://support.realwear.com/knowledge/cloud-workspace-users

Each user MUST verify their email to be able to access RealWear Cloud