Anywhere365 Authentication for Snapper
Anywhere365 Authentication allows users to login with their own Microsoft 365 credentials with various Anywhere365 products. In addition to convenience, this also provides additional security via multi-factor authentication.
See Anywhere365 Authentication Service for Inflight Wallboard
Prerequisites
-
An Azure App Registration for your Anywhere365 product according to the procedure described in Create new Azure App Registration for Anywhere365 Authentication.
-
An Anywhere365 Authentication URL provided by Anywhere365. This URL should be similar to this example: https://auth.anywhere365.cloud/auth/realms/<GUID GUID stands for Globally Unique Identifier (format is always like 2ed153b4-f632-4766-b846-5b2a769b36d1) and is a pseudo random number used in software applications that is assumed to be unique. The total number of unique keys (2<sup>128</sup> of 3.4028×10<sup>38</sup>) is very large and the probability of the creating the same GUID twice is very small, though not 100% guaranteed. The term GUID is generally used by developers working with Microsoft technologies, while UUID is used everywhere else.>
Note: Replace <GUID> with the "Anywhere365 Tenant ID A Unique GUID tied to your Anywhere365 subscription for your Tenant. This Tenant ID is created upon your registration with Anywhere365 and remains the same during your entire lifetime with Anywhere365." provided by your Anywhere365 contact
To set up Snapper authentication do the following:
- Make sure the prerequisites have been fulfilled. See Prerequisites.
- Open your Snapper application.
- In the Settings panel, select the General tab.
- In the Security section, enter the authentication URL provided by Anywhere365 (see Prerequisites).
- Only after entering the URL, toggle the Access Control option to On.Warning: It is important to first enter the appropriate URL before turning Access Control on. If Access Control is switched on when the URL is empty, Snapper will attempt a sign in that it can’t validate. If this happens, you will need to turn off Access Control in Snapper’s Appdata config.xml file.
-
(Optional) Enable Access Control Browser. By default Snapper uses a built-in mini browser for handling the Microsoft 365 user login interaction. If a Windows Conditional Access Policy does not allow this (for example if a browser extension "Windows Accounts" is needed). Enabling this toggle will use the default Windows desktop browser to handle the end-user login interaction instead of the built-in mini browser. After succesful login, Snapper will attempt to close the opened tab in the default browser used for login.
- Make sure all intended users are available in Microsoft Entra ID Formerly known as Azure Active Directory (or Azure AD, or AAD), as they would otherwise not be able to open Snapper.
Note: For unattended installation, these settings should be included:
FeatureToggleAccessControl="true"
FeatureToggleAccessControlUrl="AUTHENTICATION URL", where the AUTHENTICATION URL is the one provided by Anywhere365.
FeatureToggleAccessControlBrowser="true" (Optional setting if the default Windows desktop browser needs to be used for the user login prompt)