How to grant guest access to Dooap?
Granting guest access according to these instructions allows users from external organizations to access your Dooap environment securely. This process involves integrating guest users with your tenant’s system while ensuring they have the correct permissions to use the application.
At the core of this setup is the Dooap Consent Wizard Tool, which simplifies the process into a few easy steps.
1. Granting Permissions to Enterprise Applications
To enable guest users to access Dooap, their organization (the "guest tenant") must first grant permissions to three specific Enterprise applications. These applications require MS Graph User.Read rights and include:
- Consent Wizard
- Web
- Mobile
Granting these permissions ensures that guest users can log into Dooap applications using their own credentials.
This process aligns with standard Entra ID authentication for third-party Single-Sign-On applications, where tenant administrators grant consent during the first login.
2. Linking the Guest Tenant to the Original Dooap Tenant
Next, the guest tenant must be linked to the original Dooap tenant (or multiple tenants, if applicable). This linkage directs users to the appropriate environment(s) within the multi-tenant application, eliminating the need for different URLs for each tenant.
Using the Consent Wizard Tool
The Dooap Consent Wizard tool simplifies the process of granting guest access into a few straightforward steps. This tool is used to complete both the permission-granting and tenant-linking actions.
Steps to Use the Consent Wizard Tool:
- Log in as the guest tenant's native Global Admin user.
- Grant permissions to the required Enterprise applications through the wizard.
- Ensure the wizard is completed fully.
Key Considerations:
- Admin Approval: Depending on tenant settings, granting permissions typically requires Global Admin approval.
- Confirmation of Completion: Once the wizard is completed, confirmation should be sent back to the party that provided the link for activation.