Skip to main content
All CollectionsSecurity, Privacy & Status
Single Sign-On (SSO) with Microsoft Entra ID
Single Sign-On (SSO) with Microsoft Entra ID

Use Microsoft Entra ID to manage admin user logins to Qondor

Martin Moen avatar
Written by Martin Moen
Updated over a week ago

Introduction

If you're looking to streamline your login process and enhance security, enabling Single Sign-On (SSO) through Microsoft Entra ID on the Qondor platform is an excellent choice. Here's why you should consider activating SSO for your team:

User-Friendliness

SSO allows users to log in once and access multiple applications without having to authenticate again for each service. This provides a seamless and user-friendly experience.


Enhanced security

With SSO, organizations can manage access control and authentication policies centrally. This reduces the risk associated with weak passwords and provides better monitoring of suspicious activity.

Efficiency for IT administration

Managing user accounts becomes more efficient since the IT department can control access from a central point. This reduces the time spent on password resets and user administration.

Reduction of password fatigue

Users no longer need to remember multiple passwords for different services, which decreases the risk of weak password choices and leads to fewer instances of forgotten passwords.



First-time setup

The initial setup of Entra ID SSO must be performed by a user who has sufficient Entra ID privileges to consent to granting the Qondor Entra ID application access to basic data. We recommend that this be done by your Entra ID administrator:

Entra security groups

Qondor allows you to assign specific security groups for each access level - Project Manager, Office Administrator, and Super Administrator - or use the same security group for all levels. This flexibility enables you to manage Qondor access directly through your Entra.

What Happens When Entra ID SSO Is Enabled?

  • Matching usernames required: Only admin users who have matching usernames (email addresses) in both Entra ID and Qondor will be able to log in.

  • Disabled traditional login: The traditional username and password login in Qondor is disabled for all admin users.

Entra security incidents

If you're a Qondor user facing security concerns related to your Entra ID account(s), such as a password breach or a stolen PC with active sessions, follow these steps:

  1. Take necessary actions in Entra ID: Immediately contact your Entra ID administrator to take the required actions to secure your account.

  2. Deactivate the user in Qondor: Qondor does not have access to the status of Entra ID accounts. To prevent potential unauthorized access, ensure that you deactivate the user from the Qondor admin interface. This is the only way to guarantee that the user is logged out of their Qondor sessions.

Technical details

  • Separate automatic timeouts: Automatic timeouts are separate for Entra ID and Qondor. Being logged out of Entra ID due to timeout will not log the user out of Qondor, and vice versa.

  • Manual logout from Qondor: When a user manually logs out of Qondor, they will be prompted to also log out of Entra ID. This is optional, and the user can choose to ignore it.

  • Manual logout from Entra ID: When a user manually logs out of Entra ID, an attempt will be made to also log the user out of Qondor. However, certain browsers or browser settings may block this attempt, causing the user to remain logged into Qondor.


Ready to enable SSO?

Contact us for more information on pricing and the setup process of SSO for your organization!

Related Articles
Multi-factor Authentication (MFA) for Project managers
How to enable 2FA via authenticator app for your users
Qondor Release notes 2024
Did this answer your question?