Information about the SSO Authentication
The DCRM authentication does not require a unique username and password for you to remember but instead uses Single Sign On to authenticate you using an existing Identity Provider that your company is likely already configured for and actively using on a daily basis.
We have implemented authentication using Guest Accounts in Microsoft 365. This is the same account type that is used when a company using SharePoint or Microsoft Teams invites you to collaborate in a Microsoft Team or share files in a SharePoint Site.
One of the highly attractive features of using a M365 Guest Account is that you do not need to create or remember another password. Instead, we invite you to access our Microsoft Tenant using your existing Microsoft account managed by your company. We can also trust your company's Multifactor Authentication if they have implemented it, so you will not need to set up an additional Multifactor Authentication in most cases.
- If your company does not use Microsoft 365, this invitation system will automatically allow you to use an individually created Microsoft account.
- If you do not have a Microsoft account tied to your email address this invitation will automatically allow you to authenticate by sending you a single use code to your email address.
- In both these cases, you will be required to enroll a form of MFA during your acceptance of the invitation (more details below)
By accepting this invitation, the only information NAC International will be able to access in your Microsoft account is your profile data and the logs showing when you accessed our Microsoft Tenant using this Guest Account invitation.
- Your profile data means your name, email address, and photo
-
Your activity data means your access, usage, and content associated with their (NAC) apps and resources
- "their" means NAC International, so NAC International apps and resources only
-
This data may be used with your access and use of their (NAC) apps and resources, as well as to create, control, and administer an account according to their (NAC) policies
- NAC International can administer your account only to the extent that applies to NAC International apps and resources
How the process to set up the New Authentication works
When you are invited, you will receive an email from Microsoft that is sent on NAC International's behalf.
|
|
When clicking the Accept invitation link you will be asked to authenticate with your own company's Microsoft Account. In many cases you will already be authenticated with your company Microsoft Account.
You will then be shown the invitation, as seen below.
If your company has implemented Multifactor Authentication on your Microsoft account, and we have set up our policies to trust your Microsoft 365 Tenant MFA implementation, you will be successfully logged in at this point and will be redirected to the Microsoft My Apps page for the NAC International Tenant that will contain the link to the NAC DCRM Index. Please see more information about this page and other links below.
If your company requires you to use MFA on your Microsoft account already and it is not being trusted in this case, please reach out to us at help@nacintl.com so we can turn this policy on for your Microsoft 365 Tenant to save you from having to set up another MFA provider.
Setting up Multifactor Authentication
If we have not set up our policies to trust your Microsoft 365 Tenant MFA implementation yet, you are using a personally created Microsoft account, or you do not have a Microsoft account at all, you will be required to enroll a form of MFA to keep your access to the NAC DCRM Index secure.
If this paragraph applies to you, you will be prompted with a notice from Microsoft titled:
More information required.
After clicking Next, you will be taken to a page that looks like this:
The preferred MFA method is the Microsoft Authenticator app. If you do not already have the Microsoft Authenticator app on your mobile device, you can install it using QR codes available by clicking the Download now link shown in the screenshot above.
If you cannot use the Microsoft Authenticator for some reason, we also support using a third-party MFA provider, or as a last resort, also support using SMS as a form of MFA. If you need to use one of these other options, please click the I want to set up a different method link at the bottom of any of these Microsoft Authenticator pages
Once you have the Microsoft Authenticator installed on your mobile device, click Next and you will be taken to the next screen to set up your account.
On your mobile device, in the Microsoft Authenticator app click to add an account (if you already have a different account in your Microsoft Authenticator app, click the + in the top right corner to add an additional account) Select "Work or school" and then choose Scan a QR Code. Now choose Next on the screen shown in the screenshot above.
You will be taken to a screen that is showing a QR code; scan QR code shown on your computer screen with the Microsoft Authenticator app (which should be ready and waiting to scan a QR code from the previous step)
Once you have scanned the QR code with the Microsoft Authenticator, click Next on the page showing the QR code and it will send a message to your mobile device to test the connection. You will be shown a success message if everything was set up correctly.
Links to the NAC DCRM Index
Microsoft My Apps page for the NAC International Tenant
https://myapplications.microsoft.com/?tenantid=584d053c-c494-41d0-ba83-a8886352c1e7
Direct Link to the Microsoft 365 Authentication for the NAC DCRM Index
https://launcher.myapps.microsoft.com/api/signin/0670040e-a19e-46dd-ae45-ccfbcffcb9cf?tenantId=584d053c-c494-41d0-ba83-a8886352c1e7
Direct Link for the NAC DCRM Index
https://external.nacintl.com/index
If you have any trouble getting logged in, please let us know at help@nacintl.com