Restricting User Access to Umango in Azure

Restricting User Access to Umango in Azure

By default, when you create an Azure App Registration for use with Umango authentication, any user within your Microsoft Entra ID (formerly Azure AD) tenant can authenticate. To restrict access to specific departments, teams, or individuals, you must enable User Assignment.

Step 1: Enable "Assignment Required"

This setting acts as a gatekeeper, blocking any user who hasn't been explicitly granted access to the Umango application.

  • Log into the Azure Portal.
  • Navigate to Microsoft Entra ID.
  • In the left-hand menu, select Enterprise applications (Note: This is different from "App registrations").
  • Search for and select your Umango Authentication app.
  • Under the Manage section, click on Properties.
  • Locate Assignment required? and toggle it to Yes.
  • Click Save at the top of the page.

Step 2: Assign Specific Users or Groups

Once assignment is required, you must define the list of authorized users or security groups.

  • While still in the Enterprise Application view for Umango, select Users and groups from the left menu.
  • Click + Add user/group at the top.
  • Under Users and groups, click the "None Selected" link.
  • Search for the individual users or the Security Groups you wish to authorize.
  • Click Select, then click Assign at the bottom.
Pro Tip: Using Groups is the most efficient way to manage access. If a user is added to a synced "Marketing" or "HR" group in the future, they will automatically gain access to Umango without further configuration in the Azure portal.

Step 3: Expected User Experience

User Type Result
Assigned User/Group Member Successfully logs into the Umango Dashboard.
Unassigned User Receives a Microsoft error: "Message: AADSTS50105: The signed in user is not assigned to a role for the application..."

This article is a supplement to the Main Azure Entra Configuration Guide.

    • Related Articles

    • Resetting The Umango Authentication Method

      Overview If the Authentication Method in Umango is misconfigured (e.g., an incorrect LDAP or MFA setup), administrators may find themselves locked out of the system. By removing the AuthenticationMethod entry from the database, Umango reverts to its ...

    • Installing Umango Silently Using Command Line Properties

      This article explains how to install Umango without user interaction by running the installer from the command line and supplying MSI properties. The Umango installer is distributed as an EXE bootstrapper that contains an MSI package. For silent ...

    • How to Change the Temporary Working Folder in Umango

      Overview Umango uses a temporary working folder to store files during processing. This folder is separate from the batch folder and is used internally by the system while documents are being processed. In some environments, you may want to move this ...

    • Network Folder Source Connector – XML Data File Not Found

      Overview When using Umango's Network Folders Source Connector with the option "Expect an XML data file with the same name as the importing file. If one exists, import the XML data", you may encounter import failures, particularly when larger files ...