Azure Active Directory integration and SSO
Note: Microsoft is ending support for Azure Active Directory Authentication Library (ADAL) in June 2023.
All 8.0 versions of FotoWeb On-Premises use the Azure Active Directory Authentication Library (ADAL) for Single Sign-on (SSO) with Azure AD. FotoWeb 8.1 uses the newer Microsoft Authentication Library (MSAL) and is therefore supported by Microsoft. For security reasons and to ensure that SSO will continue to work, we recommend that all customers using FotoWeb On-Premises 8.0 and SSO with Azure AD update to the FotoWeb version 8.1.
How it works
With Azure AD Authentication, users and groups are managed in the Azure AD console, in much the same way as on a Windows Active Directory server. Group changes in the AD, such as the addition or removal of users, are automatically updated so that all user management can be done in the Azure AD only.
Azure Active Directory integration involves the following steps:
- Adding the FotoWare site to the Azure AD portal
- Enabling Azure Active Directory integration on the FotoWare site
- Linking FotoWare groups to an identity provider
- Assigning access to FotoWare archives based on the groups you've imported
Note: When linking groups to your identity provider, users are not immediately added to the FotoWare user database. Users will be linked the first time they log in.
Note: To connect the client to Azure AD you need to set up a secure connection, so FotoWare needs to be configured with TLS (HTTPS) and a trusted certificate. For more information, see Configuring FotoWare for secure connections.