The SI integration with Azure Active Directory (AAD), a leading cloud-based directory and identity management services solution for businesses, allows you to log into SI using the same credentials used in AAD.

Thus, SI provides a Single Sign-On option. This means that no passwords are created or stored in SI, adding a layer of security for you.

To enable and configure the integration with AAD, you will need to add some configuration to AAD and then enable the integration on SI.

1/ Sign in to your instance of AAD using this link: https://aad.portal.azure.com/.

2/ Click All Services in the left panel and then click Azure Active Directory.

The Company Overview window will be displayed.

3/ Click App registrations under Manage.

4/ Click New registration.

5/ Enter a name, DTOOLSSI is a fine name.

6/ Leave the "Accounts in this organizational directory only...." option selected and click the Register button.

7/ Click Authentications under Manage.

8/ Click Add a platform.

9/ Click Mobile and desktop applications.

10/ In the Configure Desktop + devices window, select the first option and click the Configure button.

11/ Scroll down, click Yes to Allow public client flows, and click the Save button.

12/ Click API permissions under Manage.

13/ Click Add a permission.

14/ Click Microsoft Graph.

15/ Click Delegated permissions.

16/ Search for User.Read.All. Click on it to select the permission, then click the Add Permissions button.

17/ Click Grant admin consent for DTOOLSSI (or whatever you decided to name the integration in step 5.)

18/ Click Overview and note the Application (client) ID and Directory (tenant) ID values.

1/ Open System Integrator and click Start > Setup > Control Panel.

2/ Double-click the Azure Active Directory icon.

3/ Select the Enable integration checkbox, enter your client ID and tenant ID from AAD, and then click Save.

You will be prompted to sign in to your AAD instance.

Once you sign in, you will get a confirmation that the integration is enabled.