Access to the MYOB Greentree Cloud Self-Service Admin Portal can be integrated with Entra (Azure) AD to allow Administrators to use their Office 365 credentials to access the admin portal and configure their user's MYOB Greentree Cloud applications.
Use the steps in this guide to complete the integration of your Entra AD.
Configure OID App Integration
Integration between the MYOB Greentree Cloud Self-Service Admin Portal and Entra AD occurs via the SAML protocol.
To start this process, contact the MYOB Greentree Cloud Support team.
https://support.greentree.io/hc/en-us/requests/new
- Login to the Microsoft Entra admin center: https://entra.microsoft.com
- Expand the Entra ID section on the left-side menu
- Open the App registrations page and click on New registration:
- In the Name field enter MYOB GT Cloud Admin. Leave the default account type as Single tenant only and set the Redirect URI to Web and in the URI field to the right of that to https://admin.greentree.io/oidc/link/callback and then click Register:
- Once your new app is registered, click on the hyperlink next to Redirect URIs in the top-right:
- Then click on Add Redirect URI
- Select Web:
- In the Redirect URI field enter https://admin.greentree.io/oidc/callback and then click Configure:
You should now have both Redirect URIs:
- Now we need to create a new client secret. Select Certificates & secrets in the left menu and then click on New client secret:
- Give it the description MYOB GT Cloud Admin and the default expiry of Recommended: 180 days (6 months):
- Make sure to copy and save the Value:
(You will NOT be shown this value again, so if you don't save it here you will have to regenerate the secret)
- Now we need to set the permissions. Click on API permissions in the left menu and then click on Add a permission:
- Select Microsoft Graph:
- Choose Delegated permissions and add email and openid and click on Add permissions:
- Make sure to Grant admin consent for Your Organisation:
- From the Overview page make sure to copy the Application (client) ID and Directory (tenant) ID and then provide this to the MYOB Greentree Cloud Support Team:
They will ask for the Well-known Endpoint which is in the form below:
https://login.microsoftonline.com/Directory (tenant) ID/v2.0/.well-known/openid-configuration
So to recap, you need the following:
1. Application (client) ID
2. https://login.microsoftonline.com/Directory (tenant) ID/v2.0/.well-known/openid-configuration
3. Client Secret Value
- Lastly, from the Branding & properties page, upload the MYOB logo below and click Save, so it's easier to find it in the list of app registrations:
Please upload the following logo file:
- Congratulations, you're done! Once the MYOB Greentree Support Team has finished configuring single sign-on using the information provided, your users can start logging in with the company's Microsoft credentials.
If you have any further questions, please feel free to reach out.