Keyfax SSO β via Microsoft Entra ID Support
Keyfax Single Sign On (SSO) allows password and permissions management to be orchestrated from Microsoft Entra Id allowing users to start Keyfax without entering a username or password.
Last updated
Keyfax Single Sign On (SSO) allows password and permissions management to be orchestrated from Microsoft Entra Id allowing users to start Keyfax without entering a username or password.
Last updated
Microsoft Entra ID is a cloud-based service that manages identity and access to applications and services. With Keyfax 4.4.7.0 organizations can now leverage Microsoft Entra ID to centrally manage access and permissions throughout Keyfax.
Currently Microsoft Entra ID can be used to centrally manage access and permissions for Keyfax script authors who require access to Keyfax Administrator Tools. This gives organisations central control over access to the administrative interface of Keyfax and provides script authors a seamless single sign-on experience. For example, with Microsoft Entra ID support enabled, script authors no longer need to enter a username and password to access Keyfax Administrator Tools as shown below...
There are several possible configuration options for Keyfax SSO with Microsoft Entra ID:
Authentication Only: Authentication (i.e. ability to sign into the 'Keyfax Administration Tool' or 'Keyfax Web Staff') using Microsoft Entra ID user 'memberships' of roles or applications; whilst user permissions remain under the control of the User Maintenance page in the 'Keyfax Administration Tool'
Authentication And Permissions: Authentication and 'Keyfax Administration Tool' user permissions managed wholly by Microsoft Entra ID user 'memberships' of roles within the Microsoft Entra ID portal
Application to Keyfax solution elements: Either of the above for the 'Keyfax Administration Tool' only or 'Keyfax Web Staff' solution only or both.
What are the benefits of using Keyfax SSO via Microsoft Entra ID support:
Improved Security: By reducing password fatigue, users are less likely to reuse weak passwords. IT can enforce strong authentication methods like multi-factor authentication (MFA) alongside SSO, minimizing security risks.
Better Compliance and Auditing: SSO solutions offer centralized logging and monitoring, which improves visibility into access activities, supports regulatory compliance, and simplifies auditing.
Simplified User Management: IT teams can centrally manage authentication, making onboarding and offboarding more efficient. With SSO, revoking a userβs access across multiple platforms is easier and ensures compliance with security policies.
In addition, for call centre advisors and / or service staff Microsoft Entra ID can also be enabled to secure access and permissions for publicly facing installations of Keyfax Repair Diagnostics and / or Keyfax Enquiries Diagnostics. This is useful if you have a staff installation of Keyfax that needs to be accessed over the public internet but needs to be secure and only accessible to call centre advisors and / or service staff.
An example of editing a Microsoft Entra ID account via Keyfax Administrator Tools is shown below...
To control permissions and access to Keyfax for users and groups, application roles can be created within the Entra ID admin centre and mapped to the permissions seen above. In this configuration example, modification of permissions by the 'Keyfax Administration Tool' is disabled making permissions changes the jurisdiction of the IT department with control of Microsoft Entra ID.
Equally, an alternative configuration allows for the Keyfax permissions to be managed by the Keyfax Administrator (through the above page in the 'Keyfax Administration Tool') - in which case only the usernames and passwords are managed by Microsoft Entra ID.
Contact Omfax Support for more information.
