AAD login allows users to log in to Coins ERP+ using their Coins ERP+ user ID and their Azure Active Directory password.
AAD login will not work if two-factor authentication is used on the user's Azure Active Directory account.
In SY Parameters:
Set the AAD_CLIENT_ID parameter to the ID of the Azure Active Directory app for Coins ERP+ authentication. See Configuring AAD.
Set the AAD_LOGIN parameter to Y.
Set the AAD_SECRET parameter to the client secret from the Azure application that allows Coins ERP+ to authenticate with it.
Set the AAD_TOKEN parameter to the URL of the token endpoint for Azure: https://login.microsoftonline.com/organizations/oauth2/v2.0/token.
For each user who will use AAD login:
Ensure the email address on their user record is the same as their Azure Active Directory email address.
If you want users to log in using AAD only, blank out the password on their user record. Leaving the password in place gives users the option of logging in using either their Coins password or AAD.
Parameters
SY/AAD_LOGIN - AAD Use Login
Whether to use AAD login. This will allow the user to enter their COINS User ID and AAD password on the COINS login page.
SY/AAD_SECRET - AAD Client Secret
If using AAD login, this is the client secret that was created in the Azure application.
SY/AAD_TOKEN - AAD Token URI
The Azure token endpoint. Expected value: https://login.microsoftonline.com/common/oauth2/v2.0/token
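One way to check the settings above before enabling AAD login, as an added example that is not part of Coins ERP+ or its documentation. It assumes the SY parameters and user records have been exported into Python dictionaries; the field names user_id, email and has_password, and the sample values, are constructed for illustration.

```python
import re
from urllib.parse import urlparse

# Shape shared by both token URLs on this page: /<tenant>/oauth2/v2.0/token
TOKEN_PATH = re.compile(r"^/[^/]+/oauth2/v2\.0/token$")
# Azure application (client) IDs are GUIDs.
GUID = re.compile(r"^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$")

def audit_parameters(params):
    """Return findings for the SY/AAD_* parameters (dict of name -> value)."""
    findings = []
    if params.get("AAD_LOGIN") != "Y":
        findings.append("AAD_LOGIN is not Y: AAD login is disabled")
    if not GUID.match(params.get("AAD_CLIENT_ID", "")):
        findings.append("AAD_CLIENT_ID is not a GUID")
    if not params.get("AAD_SECRET", "").strip():
        findings.append("AAD_SECRET is empty")
    url = urlparse(params.get("AAD_TOKEN", ""))
    # User passwords and the client secret are sent here, so require TLS and the exact host.
    if url.scheme != "https" or url.hostname != "login.microsoftonline.com":
        findings.append("AAD_TOKEN must be https://login.microsoftonline.com/...")
    elif not TOKEN_PATH.match(url.path):
        findings.append("AAD_TOKEN path is not /<tenant>/oauth2/v2.0/token")
    return findings

def audit_users(users, aad_only=False):
    """Return findings for user records; aad_only enforces blank Coins passwords."""
    findings = []
    for u in users:
        if not u.get("email", "").strip():
            findings.append(f"{u['user_id']}: no email address to match against AAD")
        if aad_only and u.get("has_password"):
            findings.append(f"{u['user_id']}: Coins password set, password login still possible")
    return findings

# Constructed sample data (not real configuration).
SAMPLE_PARAMS = {
    "AAD_LOGIN": "Y",
    "AAD_CLIENT_ID": "00000000-0000-0000-0000-000000000000",
    "AAD_SECRET": "",
    "AAD_TOKEN": "http://login.microsoftonline.com/organizations/oauth2/v2.0/token",
}
SAMPLE_USERS = [
    {"user_id": "jsmith", "email": "jsmith@example.com", "has_password": False},
    {"user_id": "akhan", "email": "", "has_password": True},
]

if __name__ == "__main__":
    for finding in audit_parameters(SAMPLE_PARAMS) + audit_users(SAMPLE_USERS, aad_only=True):
        print(finding)
```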
