Introduction
This article provides a step-by-step guide to enabling Single Sign-On (SSO) for the Business Dashboard. You will need assistance from your internal IT department to complete this setup. It covers detailed instructions on the following topics:
Configuring SSO with Google
Configuring SSO with Azure
Domain name validation
Configuring SSO with Google
To set up SSO with Google, follow these steps:
Create a new OAuth2.0 API Credential in Google.
Set the origin to: https://accounts.airthings.com/
Set the redirect URI to: https://accounts.airthings.com/federated
Copy the client ID and secret for use in the Airthings Dashboard.
Log in to the Airthings Dashboard and navigate to: Account - Organization - SSO
Enable SSO and complete the following fields:
Select Google as the provider.
Enter the email domain for which you want to activate SSO.
Enter the client ID and secret copied from the Google API Credentials setup.
Save the form and copy the TXT record.
Add the TXT record to your DNS provider for the email domain.
Once the TXT record is in place, you can verify domain ownership from within the SSO setup form.
After successful verification, you can activate SSO for your domain by clicking "Activate" in the form.
Proceed by inviting the users (by email) to your organization on the Airthings Dashboard.
Configuring SSO with Azure
Create a new App registration.
Set the redirect URI as: https://accounts.airthings.com/federated
Create a client secret. The client ID and secret will be used in the Airthings Dashboard.
Ensure the client is permitted to read User Info under API Permissions.
Log in to the Airthings Dashboard and navigate to: Account - Organization - SSO
Enable SSO and complete the following fields:
Select Microsoft as the provider.
Enter your Microsoft Tenant ID.
Enter the email domain for which you want to activate SSO.
Enter the client ID and secret copied from the Azure App Registration setup.
Save the form and copy the TXT record.
Add the TXT record to your DNS provider for the email domain.
Once the TXT record is in place, you can verify domain ownership from within the SSO setup form.
After successful verification, you can activate SSO for your domain by clicking "Activate" in the form.
After activation users configured with email addresses matching the verified email domain will be able to sign in to Airthings using SSO.
Proceed by inviting the users (by email) to your organization on the Airthings Dashboard.
How to validate the domain name
To use Single Sign-On (SSO) for the Airthings Dashboard, you must validate your domain ownership. This requires adding a TXT record to the domain registered in the Airthings Dashboard. Follow the steps below for domain validation. If you want to use multiple domain names, these steps need to be completed for each domain name individually.
Login to your domain registrar or DNS provider account.
Go to the DNS management section. Look for a section labeled "DNS" or "DNS management." Keep in mind that the exact location of this section may vary depending on your domain registrar or DNS provider.
Select the domain you wish to validate. If you have multiple domains, ensure that you choose the correct domain for which you want to add the TXT record. This should match the domain you entered in the “email domain” field in the SSO setup.
Add a new TXT record. Look for an option to add a new record, usually labeled "Add Record" or "Add DNS Record." From the dropdown menu, select "TXT" as the record type.
Enter the required information. You will need to input the "Name" or "Host" field and the "Value" field. The "Name" field should be the domain name you want to validate, and the "Value" field should be the specific TXT record value that you received from the Airthings dashboard.
Save your changes. Once you have entered the required information, click the "Save" button. Please keep in mind that it might take a few minutes to a few hours for the new TXT record to propagate throughout the DNS system.
Verify domain validation in the Airthings dashboard. After performing the above steps, you can verify that the domain validation has been completed by checking the Airthings dashboard. In the domain verification section, click on the Verify button next to the domain you added the TXT record for.
If the verification is successful, the domain will be marked as verified. If the verification fails, you can use an online tool, such as "DNS Checker" or "MX Toolbox," to check the TXT record for your domain as a troubleshooting step.