At Bureau Works, security and user convenience are our top priorities. As a SOC 2 Type 2 certified platform, we are committed to providing the highest standards of data protection and seamless user experiences. To enhance both security and ease of access, we have implemented Single Sign-On (SSO) functionality within our platform.
1. Introduction
2. How SSO Works with Bureau Works
3. Supported SSO Providers
3.1 Azure AD
3.1.1 In Bureau Works:
3.1.2 In Azure:
3.1.3 Back in Bureau Works:
3.2 Okta
3.2.1 Prepare Your Bureau Works Account:
3.2.2 Access Okta Dashboard:
3.2.3 Create a New Application Integration in Okta:
3.2.4 Choose Integration Type:
3.2.5 Configure Integration Settings:
3.2.6 Changing login options:
3.2.7 Configure Integration in Bureau Works:
3.2.8 Logging in with Okta SSO
1. Introduction
Single Sign-On (SSO) is a security authentication session that permits a user to use one set of credentials (e.g., name and password) to access multiple applications.
SSO allows you to access Bureau Works using a single set of credentials, simplifying your login process while maintaining strict security controls.
Whether you’re managing projects, collaborating with your team, or accessing sensitive data, SSO ensures that your access is both secure and efficient.
2. How SSO Works with Bureau Works
When you enable SSO for Bureau Works, users will be redirected to their chosen identity provider for authentication. Once verified, the identity provider will send a secure token to Bureau Works, granting the user access. This eliminates the need to remember multiple passwords.
3. Supported SSO Providers
Bureau Works currently supports SSO integration with the following providers:
- Azure AD
- Okta
Please see below the step-by-step process for configuring each provider.
3.1 Azure AD (Microsoft Entra ID - supported if initiated from the Bureau Works login page with a custom domain)
3.1.1 In Bureau Works:
- Go to Bureau Works and access the SSO option, under your Account Settings.
- Fetch your redirect URL under Account:
https://app.bureauworks.com/oauth2/azure/<account_uuid>
3.1.2 In Azure:
- Open portal.azure.com and sign-in
- Go to Azure Active Directory
- Go to App Registrations
- Select New registration in the menu
- Enter a name like Bureau Works Single sign-on
- Under "Who can use this application or access this API?", choose "Accounts in this organizational directory only (Default Directory only - Single tenant)"
- For Redirect URI, select Web and use the URL you copied from Bureau Works.
https://app.bureauworks.com/oauth2/azure/<account_uuid>
- Click Register
- Go to Certificates & secrets
- Create a new Client secret
- Give a description to indicate that this key will be used by Bureau Works
- Select a preset Expiration or set a custom date range. Once this key expires, Bureau Works will no longer be able to sign-in users in this account/app, so you will need to rotate this key or define a distant expiration date.
- Once the secret is displayed, SAVE IT. It will only be displayed once.
- Go to Enterprise Applications and select the app that was just created
- Under Properties, decide if Assignment required? (normally YES), and Visible to users? (normally YES).
- Under Users and groups, add the users and/or groups that will be able to login to Bureau Works.
3.1.3 Back in Bureau Works:
- Go to Bureau Works and enter
- SSO URL (OAuth 2.0 authorization endpoint (v2))
- Client ID (Application (client) ID: <ID>)
- Client Secret
- Open https://app.bureauworks.com/auth/login and click Azure SSO Login
3.2 Okta
3.2.1 Prepare Your Bureau Works Account:
Log in to your Bureau Works account with the appropriate credentials.
Ensure you have administrative access to manage integrations.
3.2.2 Access Okta Dashboard:
Log in to your Okta account as an administrator.
Navigate to the Okta Dashboard.
3.2.3 Create a New Application Integration in Okta:
In the Okta Dashboard, click on "Applications" and then select "Applications" from the dropdown menu.
Click on the "Create App Integration" button.
3.2.4 Choose Integration Type:
Select the integration type suitable for Bureau Works:
- Sign-in method: OIDC - OpenID Connect
- Application type: Web Application
Go to the next step.
3.2.5 Configure Integration Settings:
Follow the prompts to configure the integration settings, such as the application name, logo, and other relevant details.
Set up the integration settings according to your Bureau Works requirements.
In Bureau Works, go to the SSO pane, under your Account Settings.
- Copy and paste the Sign-in redirect URI:
- Assignments > Controlled access: Limit access to selected groups
- Selected group’s: Inform the groups that can access the application. All users within the selected group will be able to log on to Bureau Works, as long as their email in Okta is the same as their account in Bureau Works.
Save.
3.2.6 Changing login options:
Once the integration is created, make the following changes to the login option:
- Login initiated by: Either Okta or App
- Application visibility: check the Display application icon to users
- Initiate login URl: this URl can be found in your Bureau Works account, under the Settings > Account Settings > SSO menu.
Save.
3.2.7 Configure Integration in Bureau Works:
- Log in to your Bureau Works account.
- Access the SSO tab.
- Enter Okta Integration Details:
In the integration setup form, enter the Okta integration details you obtained earlier.
- SSO URL: paste your Okta Domain URL
- Client ID: Copy and paste the Client ID
- Secret: Copy and paste the Secret
3.2.8 Logging in with Okta SSO
Once the Okta application is configured, assign users to the groups associated with the application to grant access.
Users assigned to the application will be able to log in to Bureau Works using SSO via Okta.
The SSO application can be found in the user’s Work applications
- Access the application
- User will be redirected to the Bureau Works address
If any questions were not answered in this article, please don't hesitate to contact our support team at help@bureauworks.com.
Comments
0 comments
Please sign in to leave a comment.