Access to MYOB Greentree Cloud can be integrated with Entra (Azure) AD to allow staff to use their Office 365 credentials to access their MYOB Greentree Cloud applications.
Use the steps in this guide to complete the integration of your Entra AD.
Request SAML Integration
Integration between MYOB Greentree Cloud and Entra AD occurs via the SAML protocol. For SAML-based authentication into MYOB Greentree Cloud a customer-specific access URL will be provisioned.
To start this process, contact the MYOB Greentree Cloud Support team.
https://support.greentree.io/hc/en-us/requests/new
Please note, your customer-specific URL will be required to complete the next provisioning steps.
- Login to the Microsoft Entra admin center: https://entra.microsoft.com
- Expand the Entra ID section on the left-side menu
- Open the Enterprise apps page and from the All applications section click on New application:
- Search for Citrix ADC SAML Connector and choose Citrix ADC SAML Connector for Microsoft Entra ID as shown below:
- In the right sidebar that slides out, rename it from "Citrix ADC SAML Connector for Microsoft Entra ID" to MYOB GT Cloud and click on Create in the bottom left:
- This will create your MYOB GT Cloud enterprise app and take you to the Overview page
- From here click on Assign users and groups inside 1. Assign users and groups under Getting Started, or choose Users and groups under Manage in the left menu:
- Click on Add user/group to grant access to the application to a user or group of users.
It is recommended to allow access for all users so you don't have to remember to add users every time they are created.
SAML access can be managed from the MYOB Greentree Cloud Management Portal (https://admin.greentree.io) by giving per-user access to the Advanced Authentication service: - You can also configure conditional access at this point if needed, to enforce your company's own MFA (Multifactor Authentication) for example:
- You can now either select Get started inside 2. Set up single sign on back under the Overview section or you can click on Single sign-on in the left menu:
- Select SAML as the single sign-on method:
- Under step 1 (Basic SAML Configuration) choose Edit:
- Enter the following into the fields in the right side menu that slides out:
Identifier (Entity ID) - https://greentree.io
Reply URL (Assertion Consumer Service URL) - https://greentree.io/cgi/samlauth
Sign on URL - https://greentree.io
Make sure to SAVE your changes:
- Please provide the following certificate to the MYOB Greentree Cloud Support Team:
From step 3 of the Single Sign-On page, download the Certificate (Base64) and upload it to the secure link provided by the MYOB Greentree Cloud Support Team:
- Please also provide the following information so that we can link our environment with your new MYOB GT Cloud enterprise app:
From step 4 copy the Login URL
- Lastly, from the Overview page copy the Application ID
While you're here, it would also be a good idea to update the logo to use the MYOB branding, instead of the default Citrix branding, so it's easier to find it in the list of Enterprise applications.
Please upload the following logo file:
Ensure you have sent through the Login URL and Application ID and the Certificate (Base64) has been uploaded to the secure link provided.
- Congratulations, you're done! Once the MYOB Greentree Support Team has finished configuring SAML using the information provided your users can start logging in with the company's Microsoft credentials.
If you have any further questions, please feel free to reach out.