To enhance security, streamline user management, and support modern identity standards, TimeTrak now integrates with Microsoft Entra ID—Microsoft’s cloud-based identity and access management solution. This integration enables single sign-on (SSO) and more centralized access control for all TimeTrak users. With this integration, TimeTrak aligns with enterprise-grade security practices while simplifying IT administration and improving the user experience. This is a guide on how to set up Microsoft 365 integration that can be provided to your Microsoft services administrator.

Full documentation for Microsoft Entra Setup can be found here

1. Login to the Azure Portal

2. Click on App Registrations

3. Click New Registration

4. Register an application
Enter TimeTrak for the name and select Accounts in this organisation directory only for supported account types. Leave the rest of the fields as they are. Then click Register.

5.Branding & properties (optional)
You can upload the TimeTrak icon and specify the home page if you want. Browse or the TimeTrak icon file and then click Save.

6. Authentication
On the Authentication tab under Platform Configurations, click Add a platform

• Click the Web tile.
• In the Redirect URI’s field add the link to your TimeTrak Professional login
• Tick on Access token and ID tokens
• Click Configure

7. Add the additional redirection URI’s
You need to make sure you have 4 URI’s configured. 2 for Professional and 2 for Mobile.

Click Add URI and then add the 4 uri’s.

8. Add platform configuration for Mobile Apps

• Click Add a Platform
• Select Mobile and desktop applications
• Tick the URI that starts with msal
• Click Configure
• Untick the URI starting with msal that you previously enabled.
• Add a new URI for the Mobile and desktop application platform.
• Click Save

9. Client Secret

• On the Certificates and secrets tab click New client secret
• Enter in a description and expiry date (make note of when this will expire so that you can refresh the secret before it expires or users will not be able to login).
• Click Add

VERY IMPORTANT Copy the value of the secret (this will not be available the next time you visit this page, so make sure you note it down)

10. API Permissions

Check that under the API Permissions tab that you have the permission for User.Read

11. Update the administrator console

In the TimeTrak administrator console you now need to fill in the details to connect to Azure.

• Edit the global settings and select the Microsoft 365 tab.
• In the TimeTrak Administration Console, under the Global Settings, first set the Authentication Mode.
• At this point it is also recommended that you take the time to ensure the TimeTrak, Mobile, Client and APU URL addresses are correct

• Enter in your Client Id and Tenant id (Located on the Overview tab in the Azure Portal)

• Click Ok

12. TimeTrak Url’s
You need to make sure that you have the correct URL’s specified in the TimeTrak global settings as it uses these for the redirect URI’s when making calls to Azure.

If you encounter any problems, please don’t hesitate to contact the TimeTrak team. support@timetrak.co.nz