Azure Portal configuration for Azure login on EasyHour

In order to integrate your company domain powered by Microsoft Azure / Office365 with EasyHour an administrator must change a few settings in the Azure Portal.

Once Azure login is set up, employees will be able to log in on EasyHour with no need to create any account in advance. User authentication will happen on Microsoft servers using their mail credentials.

 

Preliminary EasyHour configuration

First of all, you need to set the login type. In Company > Employees > Login Configuration select "Microsoft Azure".

In the "Domain" field enter the company domain, e.g. if your corporate e-mail is name.surname@company.com then enter company.com as the domain. The domain will be used to identify your employees, so in this case only users with an @company.com account will be able to log into EasyHour.

Click the "Save" button and copu the "Callback url", you'll need it in the next step.

 

Azure Portal configuration

Login to Azure portal as an administrator and follow these steps:

  1. Navigate to Azure Active Directory.
  2. Click on App Registrations.
  3. Click on New Registration.
  4. Enter a name for the client such as EasyHour
  5. Redirect uri is Web and enter the "callback url" copied from EasyHour
  6. Click Register.
  7. In the Overview section, copy the ClientID from the Application (client) ID field.
  8. In the Overview section, copy the TenantID from the Directory (tenant) ID field.
  9. Click on Certificates & secrets and then New client secret.
  10. Add a description of the secret.
  11. Select never expires or the longest period available.
  12. Click Add. Copy the secret value
     

Finalize EasyHour configuration

Finally, go back to EasyHour and enter the 3 values you just copied:

  • Tenant ID
  • Client ID
  • Client Secret

Save the new configuration and you're done.

Additional steps for automatic sync

Automatic user sync

EasyHour can automatically sync users by adding new users and/or deactivating users no longer found on Azure. In order for the sync to work, you must grant an additional permission to the EasyHour app in Azure: Place.Read.All (Application) and Calendars.ReadWrite (Delegated). This ensures EasyHour can read the full list of employees and make changes accordingly.

Automatic booking sync

EasyHour can automatically sync meeting room bookings in Outlook/Teams rooms. In order for the sync to work, you must grant an additional permission to the EasyHour app in Azure: User.ReadBasic.All e Calendars.ReadWrite. This ensures EasyHour can read the list of conference rooms and create events to block meeting rooms in Outlook/Teams.

Moreover, for sync to work EasyHour and Azure offices must be matched by using the following procedure:

  1. In Company > Employees > Login Configuration check "Sync meeting room bookings"
  2. Create all meeting rooms in Azure (in https://portal.office.com/AdminPortal/Home#/ResourceMailbox or https://admin.exchange.microsoft.com/#/). For meeting rooms do NOT enable "Allow scheduling only during work hours".
  3. Create or edit offices in EasyHour and for each of them select the matching conference room in Azure.