Enabling Single Sign-On (SSO) in My20i for Microsoft and Google Accounts

My Services – My Account
Chris Wright
Published: 16 October 2024Last updated: 13 November 2024
Share:

At 20i, we aim to simplify your login process by allowing you to use your corporate Microsoft or Google accounts to access My20i. This Single Sign-On (SSO) feature streamlines password management, making it easier for your organization to manage access for employees and contractors. 

Benefits of SSO:

  • Simplifies password management.
  • Reduces the number of login credentials required.
  • Enhances security by allowing corporate identity management.

Here’s a step-by-step guide on how to enable SSO for your My20i account.

Prerequisites:

Before proceeding, ensure you have:

  • Admin access to your Microsoft Azure (Entra) or Google Cloud Console.
  • Current My20i account password.
  • Ability to create applications within your corporate account settings.

Step 1: Enable SSO

Add My20i as an Application in Google or Microsoft

For Microsoft (Azure Entra):

Log in to the Azure portal.

Navigate to the Azure Active Directory section.

Select App registrations and click on New registration.

Fill in the application details:

  • Name: My20i
  • Redirect URI: Set to https://my.20i.com/login/openid

Click Register.

Note down the Application (client) ID and Directory (tenant) ID.

Go to Certificates & secrets and create a new client secret. Note this secret.

For Google:

  1. Log in to Google Cloud Console.
  2. Navigate to APIs & Services > Credentials.
  3. Click on Create Credentials and select OAuth Client ID.
  4. Configure the consent screen if prompted.
  5. Set the application type to Web application and provide the redirect URI: https://my.20i.com/login/openid
  6. Click Create and note down the Client ID and Client Secret.

Step 2: Enable SSO in My20i

Log in to your My20i account.

Navigate to the Security Details page.

Scroll down to the My20i Single Sign-On section.

Select Microsoft or Google, depending on your choice of SSO.

Enter the following details:

  • Directory (tenant) ID (for Microsoft only)
  • Application (client) ID
  • Secret
  • Current Password for your My20i account.

Optionally, check the box to Require SSO sign in? to disable user password authentication.

Click Add SSO App to complete the setup.

Logging in via SSO

Once SSO is enabled, users can log in using the following steps:

  1. Navigate to My20i SSO login (https://my.20i.com/login-sso). 
  2. Enter your corporate email address.
  3. You will be redirected to the Microsoft or Google login page for authentication.
  4. Upon successful login, you will be redirected back to My20i.

Additional Notes

Team Member Access: You can also create Team Members in My20i who can log in using their corporate accounts. 

You will need to ensure that their user email address on the My20i account is exactly the same as their corporate email address that they will use to login via either Google or Microsoft. 

Their username should be the local part of their corporate email address. For example, if their email address is johndoe@20iexample.com then their username should be johndoe.

Set their access permissions as needed. For assistance with creating Team Member accounts, please see here.

If you have any further questions or need assistance, please contact our support team. 

Enjoy the benefits of simplified access with SSO in My20i.