As a team manager, you need to clear roadblocks so your crew can focus on getting their work done. Whether it’s finding the right applications or simply making it easier to access them, fine tuning efficiency is key to success.
For teams that use Microsoft Azure AD, you can now effortlessly add users from your organization to Timely, so they can set up their Timely accounts faster.
Note: You must be a Microsoft Azure AD admin in order to authenticate this integration.
First, head to Settings > Integrations within your Timely account then click “Microsoft Azure AD”:
From there, you’ll enter your tenant ID, which can be found by going to the “Properties” section of your Azure Active Directory:
Submit that ID then select the account you want to connect:
In the permissions section of the authorization page, click the checkbox that says “Consent on behalf of your organization” then click “Accept”:
After accepting the permissions request, Azure AD users will be synced to Timely.
Adding the SP (Service Provider) configuration
You’re almost there! Before your imported users can access Timely, you’ll need to complete the Service Provider configuration.
SP configuration steps
1. In the Azure portal, head to the “Azure AD SAML Toolkit” application integration page. Locate the “Manage” section and select Single sign-on, then SAML.
2. On the “Set up single sign-on with SAML” page, click the edit/pen icon for Basic SAML Configuration to edit the settings.
3. On the Basic SAML Configuration page, enter the values for the following fields:
a. In the Identifier (Entity ID) text box, enter this URL: https://auth.www.cabesh.com/
b. In the Reply URL text box, enter this URL: https://auth.www.cabesh.com/users/saml/auth
4. On the “Set up single sign-on with SAML” page, in the “SAML Signing Certificate” section, find Certificate (Base64) and select Download. You can download the Thumbprint too, but the Certificate is recommended.
5. On the “Set up Azure AD SAML Toolkit” section, copy these URL(s) to send to us (as the Service Provider).
6. As the Identity Provider, you also need to share the attributes which define unique Email, UUID and Name for your users with us (the Service Provider). You can find it under the “User Attributes & Claims” section.
Completing the SAML process
This completes the set-up from your (Identity Provider) side. In order for us to complete the Service Provider side, kindly email us ([email protected]) with the following:
Certificate (Base64) (step 4)
URLs from step 5
User attributes from step 6
We’ll make sure our developers complete the process so your imported users can access Timely as soon as possible.
Do I need to do anything after setting up the Azure AD integration so my team can use Timely?
Members of your team who are new to Timely will be added as Employee-level users without ties to any projects. You’ll want to edit them individually, making sure they have access to the right projects, rates or privileges as per your team set-up in Timely.
Do these employees need to set anything up on their end to sign in via Microsoft?
Nope! You’ve done all the hard work as the admin; they’ll be able to use SSO as soon as you’ve set up the integration.
What about users that I’ve added to Microsoft or Timely after I set up the integration?
As long as the integration is connected, the sync will continue to take place on the backend after you’ve set it up — it will catch and connect any new users automatically for you.