absentify integration with Microsoft accounts

To utilize absentify, employees need Microsoft accounts. While a Microsoft 365 license isn’t mandatory, users can create free accounts within your Microsoft tenant. absentify also supports private Microsoft accounts; however, this is not recommended, as it removes the benefits of centralized management and control for administrators.

​

Required permissions

absentify requires the minimal permissions necessary to establish login functionality and integrate user profiles. These permissions are dictated by Microsoft’s technical requirements for login and profile synchronization:

• email (Delegated): View users’ email addresses.

• offline_access (Delegated): Maintain access to data you’ve given it access to.

• openid (Delegated): Sign users in.

• profile (Delegated): View users’ basic profile.

• User.Read (Delegated): Sign in and read user profile.

​

Granting admin consent

To grant admin consent for all employees:

1. Access the Admin Consent URL: Navigate to the following link: Admin Consent for absentify

2. Sign In: Log in with your administrator credentials.

3. Review and Accept Permissions: Carefully review the permissions requested by absentify and click Accept to grant consent on behalf of your organization.

​

Why granting admin consent is beneficial

Granting admin consent simplifies the onboarding process for employees and ensures a consistent user experience. Benefits include:

• Employee Confidence: Employees are not prompted to grant consent individually, which could confuse or concern them, especially if they are unfamiliar with granting permissions to third-party apps.

• Compliance with Policies: Many organizations restrict employees from granting delegated permissions to third-party apps. Admin consent bypasses these restrictions, ensuring absentify functions smoothly.

• Streamlined Setup: By granting admin consent, all employees can start using absentify immediately without extra steps, saving time for both employees and IT support teams.

​

Security, compliance, and certifications

absentify is designed to meet the highest standards of data protection and security.

• GDPR Compliance: All data processing adheres to GDPR regulations, ensuring user privacy and data protection.

• ISO 27001 Certification: absentify’s infrastructure complies with ISO 27001 standards, demonstrating our commitment to robust information security management.

• Microsoft App Certification: The absentify app is Microsoft-certified, guaranteeing that it meets Microsoft’s strict security and compliance standards.

​

Security and data storage

absentify prioritizes the security and privacy of your organization’s data. Here’s how we manage and protect your information:

• Data Collected:

  • First Name

  • Last Name

  • Email Address

  • Profile Picture

• Purpose of Data Collection: To enhance application performance and user experience.

• Data Storage:

  • All data is stored securely in our Azure database located in North Europe.

  • Access to the database is restricted to top management. Developers and other departments do not have access.

  • The database is accessible only through Azure, ensuring robust security measures.

​

Assigning permissions to specific groups

If you prefer to grant permissions to a specific group rather than the entire organization, you can configure this through Azure Active Directory:

1. Create a Security Group:

   • In the Azure portal, navigate to Azure Active Directory > Groups > New group.

   • Create a security group and add the desired users.

2. Assign the Application to the Group:

   • Go to Azure Active Directory > Enterprise applications.

   • Select the absentify application.

   • Under Users and groups, click Add user/group.

   • Select the previously created security group and assign it to the application.

3. Configure User Assignment Required:

   • Within the absentify application settings, set User assignment required? to Yes.

   • This ensures that only users within the assigned group have access to absentify.

For more detailed information, refer to Microsoft’s documentation on granting tenant-wide admin consent to an application.

​

Advantages of using Microsoft Accounts

Using Microsoft accounts within your organization’s tenant offers numerous advantages:

• Seamless Offboarding: When employees leave the company, their Microsoft account is automatically deactivated, revoking their access to absentify without manual intervention.

• Centralized Profile Management: Profile information such as names, emails, and positions is updated centrally within Microsoft 365, ensuring consistent and accurate data across platforms.

• Streamlined Onboarding: New employees are automatically provisioned with access to absentify based on their directory data or group memberships, eliminating manual steps for HR.

• Enhanced Security:

  • Microsoft’s multi-factor authentication (MFA), conditional access policies, and other security measures are automatically applied to absentify.

  • Account security is handled using the highest standards, including automatic detection of compromised accounts and enforcement of organization-wide policies.

• Policy Integration: Security and compliance settings configured in the Microsoft Admin Portal, such as password requirements and IP restrictions, are seamlessly integrated into absentify.

• Single Sign-On (SSO): Employees can access absentify using their existing Microsoft credentials, simplifying the login experience and reducing password fatigue.