With Azure Active Directory (AD) your users will be able to login to Twine with their Active Directory username and password. 

Once the user has authorised Twine access to their user's basic profile information they will stay logged in to Twine. Twine will sync Active Directory profile information, profile image, department and office.

To setup Azure AD with Twine, someone familiar with Azure will need to follow this tutorial.

From the Azure portal (https://portal.azure.com/#home)

Create the Azure AD app

Navigate to Azure Active Directory > App Registrations

Create the app by tapping "New registration"

Set "Name" as "Twine" (this will be displayed to users on login)
Set "Application type" as "Web"
Set "Redirect URI" to the login page of your twine e.g. https://<your twine subdomain>.twineapp.com/login/callback/azure

Tap "Register", then make a note of your application (client) ID and Directory (tenant) ID on the next page

Tap "View API Permission" on the current screen

Under the API table, tap "Add API Permission" then scroll to the bottom of the list and tap "Azure Active Directory Graph"

Under the delegated permissions tab, Enable the permissions "Access the directory as the signed-in user" and "Sign in and read user profile"

Tap "Add Permissions"

Then Tap "Certificates and Secrets" from the Settings on the left

Add a "Add new client secret"
Description: "Twine"
Expires: "Never"
Value: This will be revealed when you hit "Save"

Tap "Save"



Securely copy down the API key for use later

Securely sending Azure AD App settings

Now we'll need to send this information securely to your Twine account manager.

  1. Navigate to https://onetimesecret.com/ 
  2. Paste in the following information: Application (client) ID, Directory (tenant) ID & the Client Secret value from above.
  3. Set a passphrase
  4. Let the link expire within a day
  5. Tap "Create a secret link"
  6. Copy and paste that link to your Twine account manager in an email directly with the passphrase that they will need.
  7. They then open it, securely make a note of it. The link and content at that point will expire. They will then RSVP that they have received the information correctly
Did this answer your question?