Agency-Side Administrator Settings for Microsoft Azure AD Single Sign On

Once Microsoft Azure AD Single Sign On has been enabled for your site, there are two major steps to start using SSO. To create the SSO link with LegalServer, you’ll need to 1) set things up in Azure AD, and then 2) enter information into the SSO configuration on your LegalServer site.


Azure AD SSO Setup

Add an App in Azure AD

Step 1 - Register the app


Step 2 - Register the app, granting access to "Accounts in this organizational directory only (​<AD Tenant Name> only - Single tenant)"


Step 3 - Add redirect URL



Step 4 - Click “Add Platform”



Step 5 - Click “Web” (Web applications)




Step 6 - Set the redirect URI ​https://aws-auth.legalserver.org/sso and click “Configure”


Enter your Azure AD Credentials in LegalServer

Note: These settings affect the security of your agency's data, and if your admin staff has any question at all about properly configuring Azure AD securely, we encourage you to get the help of a consultant. Our staff can provide you with contact information for consultants who have worked on Microsoft integrations with LegalServer.

Once Single Sign On is enabled for your site, and you have configured Azure AD, configure Azure AD settings in LegalServer on the Admin > Single Sign On page:


Test SSO

Set a test LegalServer user email account to match the email address of a test Azure AD account (e.g., ​sharepoint-test@legalserver.onmicrosoft.com). Sign out, click "Single Sign On", supply the test credentials and accept/authorize the app. You should now be logged in to LegalServer as the user.