Set up for Microsoft, MFA and Case Manager

You can now log in to Case Manager with your Microsoft Azure account, which provides the extra convenience and security of single sign-on (SSO) and multi-factor authentication (MFA).

There are two components of the setup process:

  • Setting up your Case Manager system to offer login with Microsoft Azure accounts.
  • This done by the system administrator, see below at Set up Connections.

  • Each user needs to confirm that they can access their Microsoft Azure account, that it's connected to Case Manager and is set up for MFA.
  • See the instructions immediately below.

Setting yourself up for Microsoft, MFA and Case Manager

The diagram shows the steps involved. You will already be at one of the five stages. Simply determine where you are and follow the rest of the steps.

Set up the connection between Case Manager and Microsoft accounts

This is done by the system administrator.

If your system is hosted by Chameleon Software

Go to the Security system settings by selecting Tools > Options and then click the Security tab.

  1. Click the Use Microsoft sign-in option.
  2. Enter approved domains in the Domain Whitelist area
  3. Users can only enter Microsoft credentials if their username is an email address that includes a domain in this list.

    This restricts the online credentials that can be used to log in to Case Manager.

  4. Click Setup.
  5. Save your changes.
  6. In the unlikely event that the following error message appears when you save, do not be alarmed:

    This is a simple issue and can be resolved with a quick phone call to Chameleon support.

  7. At the Employee List change the User ID (username) for each user to their MS Azure AD account username.

Note:

  1. If you wish to setup your own Azure app you need to contact Case Manager Support for additional documentation.

When your system is not hosted by Chameleon Software

If your system is not hosted by Chameleon Software, contact us at Case Manager Support to assist you to set up the link.

Enter approved domains in the Domain Whitelist (2).

On completion, modify your employee records as described at step 5 above.

Granting consent

If you add the Azure Case Manager app using the Azure AD portal > Enterprise Applications, you need to grant consent for your company so that users can sign into Case Manager using the Azure AD App.

Click image to enlarge/reduce.

If this is not done, users entering their login details will see this error:

After the link has been set up:

  1. A system administrator who is logged in with their Microsoft credentials can untick the option to enable login with Case Manager local usernames and passwords.
  2. This ensures that users can only log in to Case Manager using the Microsoft MFA.

If you want to retain both login options, users using the local login must enter their MS Azure AD account usernames with their Case Manager passwords.

Flowchart credit