In today’s fast-paced digital landscape, the need for streamlined and secure access to reporting solutions is more critical than ever. Single sign-on (SSO) is a solution that simplifies user authentication and enhances the overall user experience. In this guide, we’ll explore how to implement SSO with Azure Active Directory (Azure AD) in the Bold Reports Report Server, a robust reporting solution designed for modern enterprises.
Understanding Bold Reports Report Server
The Bold Reports Report Server is a comprehensive reporting solution that empowers organizations to create, manage, and distribute reports efficiently. Its features include interactive dashboards, data visualization, and seamless collaboration. One key aspect of optimizing the use of such a tool is ensuring a user-friendly and secure authentication process.
Azure Active Directory—The Foundation
Azure AD serves as the foundation for our SSO implementation. It’s a cloud-based identity and access management service from Microsoft, offering features such as multifactor authentication, conditional access policies, and centralized user management. As we integrate the Bold Reports Report Server with Azure AD, these features will contribute to a more secure and efficient access control mechanism.
Integrating Bold Reports Report Server with Azure AD
Preparing your environment
Before diving into the configuration, ensure that you have the prerequisites for SSO integration:
- An Azure account: An Azure account with an Azure AD application created. If you don’t have one, you can sign up for a free trial on the Azure Portal.
- Bold Reports: Install the on-premises version of Bold Reports and log in with the administrator account.
Go to Azure Active Directory. In the directory, you should add two applications, one of which acts as a web API for authenticating Bold Reports and the other as a native client application for authenticating the Bold Reports mobile app.
Register the Bold Reports application in Azure AD
Step 1: Navigate to app registrations.
Start by entering the directory you created and selecting Azure Active Directory. From there, click App registrations.
Step 2: Register a new application.
Click New registration to initiate the process of adding a new application. 
Enter the application name and select the following options:
- Supported Account Types: Accounts in any organizational directory (any Azure AD directory – Multitenant).
- Redirect URI (optional): Specify the web redirect URI. Click Register to add the application to the directory.
The application will be added to the directory, and you can view the details of the application in the app registrations.
Step 3: Configure branding.
Select Branding from the left side. Enter the home page URL and click Save to configure branding settings. 
Step 4: Authentication settings.
Navigate to Authentication in the left side menu. Save the logout URL, implicit grant, and supported account types as indicated in the next screenshot. 
Step 5: Certificates & secrets.
Access Certificates & secrets to add a client secret. Click New client secret , as in the following screenshot. 
Provide a description, choose an expiration option, and click Add. Save the generated client secret value. 
Step 6: Define API permissions.
Proceed to API permissions, click Add a permission, and select Microsoft Graph. 
Configure the following permissions.
Application permissions:
- Directory: Read directory data.
Delegated permissions:
- Directory: Read directory data, access directory as the signed-in user.
- Group: Read all groups.
- User: Read and write access to user profile.
- Profile: View user’s basic profile.
Click Update permissions after selecting the listed permissions. 
Step 7: Grant admin consent.
After adding permissions, click Grant admin consent to authorize these permissions. This ensures that the admin’s consent is granted for the specified permissions. 
Step 8: Configure app ID URI.
In the Expose an API section, click Set next to Application ID URI. 
Enter the app ID URI and click Save. The application ID URI should be in the format http://{directory domain name}/{application id}. 
Step 9: Add a scope.
Still in the Expose an API section, click Add a scope. 
Enter the scope details, including admin and user consent display names and descriptions. Set the state to Enabled. Click Add scope to complete this step. 
The redirect URI and home page URL should be the URL of the Bold Reports application.
Register Bold Reports mobile application in Azure AD
Step 1: Navigate to app registrations.
Start by entering the directory you created and selecting Azure Active Directory. From there, click App registrations.
Step 2: Register a new application.
Click New registration to initiate the process of adding a new application. 
Enter the name of your application and choose the following options:
- Supported account types: Accounts in any organizational directory (Any Azure AD directory – Multitenant).
- Redirect URI (optional): Public client/native (mobile & desktop).
Enter the redirect URI and click Register. 
Once registered, your application will be added to the directory. You can view and manage the details of the application in the App registrations section.
Step 3: Configure branding.
Select Branding from the left side. Enter the home page URL and click Save to configure branding settings. 
Step 4: Expose an API.
In the Expose an API section, click Set next to Application ID URI. 
Enter the app ID URI and click Save. The Application ID URI should be in the format http://{directory domain name}/{application id}. 
The Home page URL should be the URL of the Bold Reports On-Premises application.
Benefits of SSO with Azure AD for Bold Reports Report Server
- Azure AD’s advanced security features, including multifactor authentication, enhance access controls.
- Users log in once and gain access to multiple applications, reducing the need for multiple credentials.
- Administrators can manage user accounts and permissions centrally through Azure AD.
Refer to the documentation for detailed, step-by-step guidance on setting up Azure Active Directory within Bold Reports and activating the single sign-on feature.
Furthermore, refer to this documentation for comprehensive instructions on configuring Azure Active Directory within Bold Reports to facilitate the importation of users and groups.
Conclusion
I hope this blog provided a clear idea of how to set up an application in Azure for SSO in in Bold Reports. To explore further, go through our sample reports and Bold Reports documentation.
If you have any questions, please post them in the comments section. You can also contact us through our contact page, or if you already have an account, you can log in to submit your support question.
Bold Reports comes with a 15-day free trial with no credit card information required. We welcome you to start a free trial and experience Bold Reports for yourself. Give it a try and let us know what you think!
Stay tuned to our official Twitter, Facebook, LinkedIn, and Instagram pages for announcements about upcoming releases.
Top comments (0)