Adding/ Removing Users To Enterprise Applications In Azure Active Directory

In this article we will be looking into adding new users to Azure active directory and providing access to your enterprise applications without giving them access to your application's dedicated login information. Azure uses a secure communication protocol to automatically retrieve the applications login details saved at your application on Azure and automatically allows your users to gain access to the application.

This is veryhelpful when you have support teams for your firm which use Twitter or any other social media application to provide support to your customers. So when a new employee joins your support team you can easily grant them access to the application and revert back the access to employees leaving the firm.

So let’s get started,

Step 1

Login into Azure portal

On the left blade search for Azure Active Directory

Azure Active Directory

Step 2

Inside Azure Active Directory, look for 'Add a guest user' and click on it.

Note as of now in new portal Microsoft does not allow you to use 'Add a User' option to add an existing Microsoft user account as it was in the old classic portal. So, we will be using guest user for this scenario

Azure Active Directory

Step 3

Enter an email Id you'd like to invite to use your AAD along with your personalized message. And click on invite.

Azure Active Directory

Step 4

Once the invite has been sent go to 'users and groups' tab which could be found under 'manage' 

Azure Active Directory

Step 5

Once inside users and groups you can see all the users that have been added to you AAD. Click on the user you would like to make changes.

Azure Active Directory

Step 6

Under individual profile fill in the user details as per your requirement.

Azure Active Directory

Step 7

Set up a usage location to the user to enable them to access the application that we are about to create. And click save.

Azure Active Directory

Step 8

Once a user profile is filled up go back to AAD blade and find 'licenses' tab.

Azure Active Directory

Step 9

Inside licenses click on all products to find a '+try/bye' tab and click on it.

Azure Active Directory

Step 10

Here you can find 'Azure AD Premium' and 'Enterprise Mobility Suite' if you are an individual startup and have fewer employees you can go with Azure AD premium service or if you have an entire set of enterprise applications that you's like to use for your company you can choose enterprise mobility suite and click on activate.

Azure Active Directory

Step 11

Once the trial is activated you can find it in the all products list and choose which ever is activated as per your requirement. And click on it.

Azure Active Directory

Step 12

Under the licensed users you can find 'Assign' option. Click on it to assign a user to it. You can also use licensed group to assign group of users.

Azure Active Directory

Step 13

Under assigned users click on users and group and select as many users you would like to assign it to the application. And click on select.

Azure Active Directory

Step 14

Then select assignment options to specify what a user can access in your AD. And click on and select assign to complete the process.

Azure Active Directory

Step 15

After assigning click on refresh and you can find all assigned user.

Azure Active Directory

Step 16

Go back to AAD blade and click on Enterprise applications if you have activated enterprise mobility suite or click on app registration if you a have activated AD premium.

Azure Active Directory

Step 17

Click on all application tab to find already added application and also to add a new application. To add a new application, click on add new application.

Azure Active Directory

Step 18

Under add from the gallery search for twitter application and click on it.

Azure Active Directory

Step 19

Give a custom name to the application if required and click on add.

Azure Active Directory

Step 20

In the application click on assign a user option or choose user and group from the 'manage' menu.

Azure Active Directory

Step 21

Click on add new user to add a user.

Azure Active Directory

Step 22

Choose number of users you would like to add to the application as a group or individual and click on select.

Azure Active Directory

Step 23

Click on assign.

Azure Active Directory

Step 24

Once the user has been assigned you can find them listed.

Azure Active Directory

Step 25

Back on the main application blade under 'manage' go to single sign on and set single sign on option to password-based sign-on. And save.

Azure Active Directory

Step 26

After saving go back to users and groups.

Azure Active Directory

Step 27

And select the users to update credentials.

Azure Active Directory

Step 28

Here enter your companies twitter account user name and password and click save.

Azure Active Directory

Step 29

Once the credentials have been set up your users can access your Twitter application by accepting the invite.

Azure Active Directory

Accepting the invite will take you to a page where you will be asked to accept the terms and conditions by clicking next.

Azure Active Directory

In the next page you have to login with you company's credentials.

Azure Active Directory

Step 30

Once you have logged in you will be taken to access panel where you can find all your companies applications that you have access to. If you couldn’t find the application and you have be added to multiple active directory. Click on your name to switch between directories. And you will be able to find your application.

Azure Active Directory

Azure Active Directory

Step 31

Clicking on the application will promote you to add an extension for Microsoft access panel. Install the extension on your browser or you can install access panel application though app store if you are using company laptop and use to sign in by company assigned credentials.

Azure Active Directory

Step 32

Click on add to chrome. To add the extension.

Azure Active Directory

Step 33

Once the extension has been added refresh the browser and once again click on the application and it will automatically log you into your company twitter account.

Azure Active Directory

The process uses a secure connection to retrieve user name and password of your company to which was updated earlier.

Azure Active Directory

We have added the users and granted access to the application. Now we will look into revoking access to a user.

Step 34

To revoke access when an employee leaves the company got to the application. Under manage menu. Go to 'users and groups'. Select the user who's access need to be revoked and click remove. And choose yes to conform.

Azure Active Directory

Azure Active Directory

Once the user has been removed access to the application on the access panel will be removed automatically.

Azure Active Directory


Similar Articles