Configuring the web license to use with the company's email address through Azure Active Directory and set up conditions access
Active Directory Activation - IT Department
Our AAD mechanism uses Microsoft Azure B2C and B2B and no credentials are stored in our environment. Any MFA configured by your IT team for your company's identities will factor into this authentication when used.
This process leverages your users' Azure accounts to acquire a license, with all relevant information securely logged into your Azure system. Additionally, our VDI environment is based in the South Central region so user login details will reflect activity from San Antonio.
You can click this link to get other FAQs around the web license platform - Web license FAQs
Here are the steps to approve the license to use Active Directory (Hosted Clients - DO NOT use the login we provided ending with client.beck-technology.com).
1. Adding the DESTINI Single Sign-On to your Environment
- Log in to this website: https://login.beck-technology.com/ and click the Sign-in" button.
- Sign in to Active Directory using your company email and password, then follow the prompts.
- Once everything is verified you will see the message below
- This will create the DESTINI Single Sign-On in your Azure environment.
- Also, the Azure Administrator may have to go to their Azure Portal > Enterprise Solutions and approve the DESTINI Single Sign-On as well.
Once that is completed then follow the steps below to use your Company's email address to log into our license platform.
If you are getting a security alert accessing the Web License portal, then these are the websites that need to be white-listed. These IP addresses may be dynamic so it would be good to check the IP using the website link.
https://licensing.beck-technology.com/ IP Address - 52.173.149.254
https://becktechauth.b2clogin.com/ IP address - 40.126.29.05 -40.126.29.14
https://login.beck-technology.com/ IP Address - 52.173.149.254
Also, whitelisting IP addresses may not be a feasible solution due to our use of load-balanced Azure Virtual Desktops with Remote App Streaming. This setup results in dynamic changes to the virtual desktop IP addresses, making it challenging to maintain an effective whitelist. Instead, we recommend implementing alternative access control methods, such as user authentication and conditional access policies. These approaches provide a more flexible and secure way to manage access to Active Directory.
Here are some additional recommendations from Microsoft if you are setting up Conditional Access Policies - https://docs.microsoft.com/en-us/azure/active-directory/identity-protection/howto-identity-protection-configure-risk-policies