Note: This article is preliminary - some of the functionality in this article is still being implemented.
The purpose of this article is to enable access and management of permission in SWOOP using your directory groups (eg Azure AD Groups) instead of the inbuilt functionality in SWOOP's admin section.
Note: Currently only Microsoft Azure Open ID is supported. You will need to contact our support with group IDs.
The more official Microsoft instructions for assigning groups to application roles can be seen by clicking here.
You should first log in to the Azure portal and then look for our application in Enterprise Applications.
Click on Enterprise applications in the menu and search for "SWOOP Analytics" among the enterprise applications in your list. It should be called something like "SWOOP Analytics General Login" unless you are using your own single-tenant registered app, in which case you should select that from the list.
Then you can click on the below "Assign Users and Groups" link shown below or on the "Users and Groups" item from the left-hand menu.
This page will have a button at the top called "Add user/group" which will bring you to an add/edit screen to configure the new assignment.
Select a user or group (such as your communications team) and if there are roles available, you may optionally select a role to assign them to. This is a guideline to assist in ensuring all roles are assigned groups but it is optional and doesn't affect what information you need to provide to SWOOP Support.
Once complete, there is one more step.
From the Users and groups tab, click on the group name to view its properties and copy the Object ID, paste this into a document for safe-keeping.
Repeat this process for each of the assigned groups and then contact SWOOP support with the group IDs and their role assignments if any.
We will create these assignments in our system also and the SWOOP application will then grant the appropriate permissions to group members automatically.