Enterprise users connecting to Professional may be authenticated with Azure Active Directory (AAD).
When configured (see Azure Active Directory for User Authentication), a "Sign in with Microsoft" button is visible on the login screen after entering the Server Name (Server Type = Enterprise).
Note: Prior to EQuIS 7.21.3, this process compares the email address used in Enterprise to the AAD Email field, rather than the AAD User Principal Name. For "Sign in with Microsoft" to work in EQuIS Professional, ensure that the ST_USER.EMAIL_ADDRESS field matches the AAD Email field highlighted below (click picture for more detail), particularly if your organization has changed names or uses multiple domains. For other options in EQuIS 7.21.3 and up, consult the configuration options in Azure Active Directory for User Authentication.
Click Sign in with Microsoft.
The connection is redirected to https://login.microsoftonline.com/, which opens a new login prompt.
Enter the Email and Password for your Microsoft AAD account credentials.
The user is directed back to Professional as an authenticated user.
The Microsoft account tokens are cached to allow one-click sign in until the token expires (per site settings). The token cache is stored at C:\Users\<user name>\AppData\Roaming\EarthSoft\msalcache.bin.
Copyright © 2023 EarthSoft, Inc. • Modified: 03 Jan 2023