LogoLogo
  • Welcome
  • GETTING STARTED
    • SigningHub at a Glance
      • Overview
      • Why SigningHub
      • Signature types
      • Signing methods
      • Mobile signatures
        • How SigningHub works
      • Enterprise management
    • Key Terminologies & Concepts
      • System terminologies
      • System users
      • Service plans
      • Individual vs Enterprise subscriptions
      • Document statuses
  • Registration & Login
    • Account Registration
      • Register a free trial account
      • Register an individual account
      • Register an enterprise account
      • Accept an enterprise user invitation
      • Direct registration
    • Login & Authentication Methods
      • Login through SigningHub ID
      • Login through Microsoft Active Directory
        • Auto Provisioning for Microsoft Active Directory
      • Login through Salesforce
      • Login through Microsoft ADFS
      • Login through Microsoft Office 365
      • Login through LinkedIn
      • Login through Google
      • OTP as a two-factor authentication
      • Login through the SSL client
      • Login through Freja eID
      • Login through Azure Active Directory
        • Auto-Provisioning for Azure Active Directory
      • Corporate logins
      • Login through OIDC
      • Login through OAuth2
      • Login through Azure SAML- based SSO
  • Dashboard & Listing
    • Dashboard
      • GeoIP-based user location
      • Multilingual user interface
    • Document Listing
      • Document interactions
      • Manage custom folders
      • Manage the archive folder
      • Manage shared folders
      • Document actions
        • Sign
        • Bulk sign
        • Bulk share
        • View document
        • Package details
        • Send reminder
        • Workflow details
        • Comments
        • Start a new signing process
        • Recall
        • Evidence report
        • Replicate workflow
        • Download
        • Rename
        • Move to folder
        • Print
        • Delete
      • Search a document
  • Sharing & Signing
    • Document Sharing - A Document Owner's View
      • Sign a new document
      • Add a document
        • Document certification settings
        • Document-related utilities
        • Supported documents
      • Apply a template on your document
      • Configure signing order
      • Add a recipient, electronic seal, and placeholder
      • Configure special privileges
        • Configure recipient permissions
        • Configure document access security
        • Configure workflow reminders
        • Configure email language
        • Configure post processing
      • Configure comments
      • Add data fields
        • Add signature fields
        • Add in-person signature fields
        • Add electronic seal fields
        • Add initials fields
        • Add attachment fields
        • Add form components
        • Configure form filling
        • Add QR Code
        • Add unique identifier
        • Add drop-in comments
      • Add comments
      • Add attachments
        • Make attachments compulsory
      • Append documents
      • Save as template
      • Add email message
      • Change a recipient/placeholder after sharing
    • Document Signing - A Recipient's View
      • Open a pending document
      • Add/download attachments
      • Append documents
      • Recipient permissions
      • Fill in your form components
      • Fill in your form fields
      • Add your initials
      • Add your field attachments
      • Add your in-person signature
      • Agree to the legal notice
      • Add comments
      • Add your signature
        • XML signing
        • Word document signing
        • Electronic seal signing
        • eID Easy signing
        • CSC signing
        • Remote Authorisation Signing (RAS)
        • Signing using Policy OID
        • Local-side signing using T1C Server
        • Local-side signing using ADSS Server
        • Signing based on National ID validation
        • Signing via signature pad
        • Signing behavior w.r.t signature appearance
          • Enterprise subscription
          • Individual subscription
        • OTP authentication
      • Bulk sign fields
      • Add drop-in comments
      • Review a document
      • Update a document
      • Host in-person signing
      • Decline a document
      • View verification details
      • Change a recipient/ placeholder
      • Delegate your signing authority in a workflow
      • QR code scanning
      • Signing flow via API
        • Server-side signing
          • Single document signing
            • ADSS signing
            • RAS signing
            • CSC signing
            • eID Easy signing
          • Bulk document signing
            • ADSS signing
            • RAS signing
            • CSC signing
        • Client-side signing
          • Single document signing
            • T1C signing
            • Go>Sign signing
          • Bulk document signing
            • T1C signing
            • Go>Sign signing
  • Configurations
    • Personal Configurations
      • Set up your SigningHub profile
        • Locale
        • Enterprise
      • Active sessions
      • Authorised devices
      • Two-Factor Authentication (2FA)
      • Security
      • Manage your contacts
        • Import contacts via CSV file
      • Manage your groups
      • Manage your library
        • Manage your library documents
        • Manage your library folders
      • Manage your templates
        • Add a document
          • Configure certified signature
        • Add recipient(s), electronic seal(s) and placeholder(s)
        • Configure workflow type
        • Configure document comments
        • Configure special privileges
          • Configure recipient permissions
          • Configure document access security
          • Configure auto reminders
          • Configure email language
          • Configure post processing
        • Add email message
        • Add data fields
          • Add signature fields
          • Add in-person signature fields
          • Add electronic seal fields
          • Add initials fields
          • Add attachment fields
          • Add form components
          • Configure form filling
          • Add QR Code
        • Read-only templates
      • Manage your legal notices
      • Manage your SmartForms
        • Using SmartForm for response collection
        • Using SmartForm for routing
      • Configure signature settings
      • Enable cloud drives
      • Delegate settings
      • Configure your notifications
        • Configure your email content
      • Optimize your account storage
      • Delete your account
    • Enterprise Configurations
      • Set up your enterprise profile
      • View your enterprise logs
      • Manage your enterprise contacts
        • Import contacts via CSV file
      • Manage your enterprise groups
      • Manage your enterprise users
        • Register an enterprise user
        • Register enterprise users via CSV file
        • Edit Enterprise User Details
        • Reset the password of your enterprise user
        • Reset two factor of your enterprise user
        • View activities of your enterprise users
        • Set service quota of your enterprise use
        • Invite an enterprise user
        • Invite enterprise users via CSV file
        • Pre-authorize users
        • Disable an enterprise user
        • Search an enterprise user
        • Manage signing certificates
      • Manage your user roles
        • Basic information
        • User access preferences
        • Enterprise access preferences
        • Document preferences
        • Template and library document preferences
        • Signature preferences
        • Signature appearance preferences
        • Signing server preferences
      • Manage your enterprise documents
        • View all documents of your enterprise
        • View package details of your enterprise documents
        • View workflow details of your enterprise documents
        • Manage recipients of your enterprise documents
        • Send workflow completion report of an enterprise document
        • Terminate workflow of your enterprise documents
        • Delete your enterprise documents
      • Manage your enterprise library
        • Manage your enterprise library documents
        • Manage your enterprise library folders
      • Manage your enterprise templates
      • Manage enterprise legal notices
      • Manage your electronic seals
      • Document reports
      • Signature reports
      • Electronic seal statistics
      • Advanced reports
      • Brand your enterprise account
        • Primary colour
        • Sidebar navigation
        • Error colour
      • Integrate third party applications
        • Manage third party integrations
        • Assign custom roles to external users
      • Manage certificate filters
      • Configure your enterprise notifications
        • Configure your enterprise email content
      • Configure advanced settings
        • Configure enterprise default settings
        • Delete enterprise account
        • Configure document accessibility preferences
  • Service Plan Management
    • Service Plans and Billing
      • View your service plan & usage statistics
      • View your billing invoice
      • Upgrade your service plan
      • Cancel plan
  • Track & Audit Activities
    • Audit Trail Options
      • View the activity logs
      • View the workflow history
      • View the workflow evidence report
      • View system notifications
Powered by GitBook

© Ascertia Limited 2025

On this page
  • Introduction
  • How it works?
  • Configure a connector in SigningHub Admin
  • Configure an authentication profile in SigningHub Admin
  • Configure auto-provisioning in SigningHub Web
  • Configure a security group for auto-provisioning
  • Auto-provision users at login
  • Login preferences for auto-provisioning

Was this helpful?

Export as PDF
  1. Registration & Login
  2. Login & Authentication Methods
  3. Login through Azure Active Directory

Auto-Provisioning for Azure Active Directory

PreviousLogin through Azure Active DirectoryNextCorporate logins

Last updated 5 months ago

Was this helpful?

Introduction

SigningHub gives you an option to pre-authorize users in your Azure Active Directory so that they may serve as your registered enterprise users. In this way, your enterprise users can use their Directory credentials (i.e. organizational domain user ID and password) for SigningHub authentication, and won't even need to create their SigningHub IDs.

How it works?

  1. Configure an Azure Active Directory connector in SigningHub Admin.

  2. Configure the connector in an authentication profile, in SigningHub Admin.

  3. Configure auto provisioning in SigningHub Web.

  4. Configure a security group for auto-provisioning.

  5. Auto-provision the users at login

Configure a connector in SigningHub Admin

Make the following configurations to a connector in SigningHub Admin:

  1. In the "Basic Information" section, choose "Azure Active Directory" as the "Provider".

  2. In the "Details" section, fill in the required fields.

  1. In addition to "User.Read", an additional mandatory permission, "Directory.Read.All", will have to be configured for pre-authorization of users in Azure Active Directory.

Configure an authentication profile in SigningHub Admin

Make the following configurations to an authentication profile in SigningHub Admin:

  1. Select the Azure Active Directory Connector created earlier, in the highlighted field below:

  1. If you want to allow access to specific authorised security groups in your Azure Active Directory (i.e. Sales, Marketing, Accounts, etc.), enter the name of the security groups, with comma separation, in the "Allowed Groups" field to be used for provisioning in SigningHub.

  2. If the "Allowed Groups" field is left blank, then all the domain users of a directory would be able to authenticate by using the authentication profile.

Configure auto-provisioning in SigningHub Web

Make the following configurations in the "Users" tab in SigningHub Web:

  1. In the "Auto Provision Users" section, check the "Automatically register the users" check box and select the "Authentication Profile", created earlier. Click the "Save" button.

  2. If multiple enterprises have been configured within an on-premises deployment, then the "Automatically register the users" check box should be ticked for only one enterprise.

  3. Both public and private authentication profiles will be visible in the "Authentication Profile" drop-down for pre-authorising users.

Configure a security group for auto-provisioning

SingingHub also allows you to give role-based access to SigningHub (i.e. Enterprise Admin, Enterprise Users, etc.) at the Security Group level.

Make the following configurations to a security group in SigningHub Web:

  1. For the security group, add the name and role of the security group.

  1. The added security group will be listed inside the Security Group grid. All the users that belong to the security group will be automatically registered and activated in SigningHub, upon login, under the specified role.

  2. The names of the security groups are not validated against the security groups in the Azure Active Directory, at this screen, so the correct security group name must be added for successful pre-authorisation upon login.

  3. In case specific authorised security groups in were allowed in the authentication profile, only the security groups will appear in the "Security Group" drop down.

Auto-provision users at login

Logging in through your Azure Active Directory credentials for the first time, will take you to the registration screen and display your Azure Active Directory (email address) for new registration. After registration, you can easily login through your Azure Active Directory credentials. However, if the "Automatically register the users" check box is ticked from the "Auto Provision Users" screen, and an Azure Active Directory has been selected as an Authentication Profile, then the registration screen will not be displayed, as the provisioned Azure Active Directory users from there will be automatically registered and activated in SigningHub.

  1. From the "More Login Options" option, select Azure Active Directory.

  2. Provide your Azure Active Directory credentials.

  3. The following login preferences will be followed when logging into SigningHub Web via Azure Active Directory:

Login preferences for auto-provisioning

Availability of Security Group in Azure Active Directory
Availability of Security Group in SigningHub Web
System Behaviour

Yes, the security group exists.

Yes, the mapping for the security group exists.

  • In case the user was already registered, the system will log in the user as per the assigned role.

  • In case the user was not already registered, the system will register, auto activate, and log in the user as per the assigned role.

Yes, the security group exists.

No, the mapping for the security group does not exist.

  • In case the user was already registered, the system will log in the user as per the default role.

  • In case the user was not already registered, the system will register, auto activate, and log in the user as per the default role.

No, the security group does not exist.

N/A

  • The system will throw an error and will not allow auto-provisioning.

To see in detail, how to pre-authorise users in SigningHub, .

All the users that belong to the selected authentication profile will be authorised through Azure Active Directory upon login and will be automatically registered and activated in SigningHub under the SigningHub role, provided that provisioning is not enabled by any other enterprise within the same on-premises deployment.

click here
default