Sign Up for Training |
insightsoftware Company Site
Submit a Request
Become a Jet Insider
Give Feedback

Installing the Jet Service Tier / Jet Hub with Active Directory and Single Sign-On

This features is available in Jet Reports 2019 R2 and higher.


When you first start the Jet Setup program, you will be asked to select the type of user management your company uses.


The first option will configure Jet Reports for use with Active Directory. Optionally, you can use Office 365 Single Sign On.

Assuming you have an Azure account for your organization and that you have already created an Azure Active Directory, you can create Microsoft Client Applications that allow you to use Azure Active Directory to manage your users within Jet Products.

This functionality does not require additional or premium licensing on the part of Azure Active Directory.

Register your App

  1. Log in to your Azure portal (

    The user logging in does not necessarily need to be an administrator in Azure but admin consent will be needed at a point in this process.

  2. Navigate to your Azure Active Directory

  3. Click on App registrations

        • Click on +New registration to register a new app
      • Give your app a name
      • Under Supported Account Types, select Account in this organizational directory only (This is the default setting)
      • Under Redirect URI (optional), select the type of Web and enter your Jet Hub URL

        This entry must start with https:// and contain the base URL that your users will use to sign in to your Jet Hub. The URL could contain the machine name to which you will install Jet Hub or the DNS entry for this site. Examples are:

      • Click Register

Configure your App

Now that your app is registered, there are additional settings that are needed.

  1. First, go to the Authentication page.

      • Add the following additional Redirect URIs of type Web.
        • https://<JetHubURL>/account/logout
        • https://<JetHubURL>/signin-aad
        • https://<JetHubURL>/identity/signin-aad
        • https://<JetHubURL>/identity/external/callback

        Replace "<JetHubURL>" with what you specified above for your Jet Hub URL.

        Double-check your entries to insure there are no misspellings as this can cause the Jet Hub web client to not function correctly.

      • Add the following logout redirect under Front-channel logout URL
        • https://<JetHubURL>/account/logout 
      • Check the boxes for Access tokens and ID tokens to enable implicit grant and hybrid flow
      • Click Save
  2. On the Certificates & secrets tab, click +New client secret to set up your Client Secret

    • Give your client secret a description, select when it expires, then click 'Add'.
    • Copy the generated secret value and paste into Notepad (or other text editor) for saving.

      This will be your only chance to copy it, and it will be required information during the install of Jet Products. If you forget to copy it, you can just create another secret.

  3. Navigate to API permissions tab, click+Add a permissionAPIs my organization uses, Microsoft Graph

  4. Select Application permissions

        • Expand Directory and check Directory.Read.All; expand Group and check Group.Read.All

        • Click Add permissions

  5. Click +Add a permission, again

    • Select APIs my organization uses, then Microsoft Graph

    • Select Delegated permissions

    • Expand Group and check Group.Read.All

    • Click Add permissions

  6. At the bottom of the API Permissions page, click on the Grant admin consent for <DomainName> button.  Then, click Yes in the confirmation dialog.

  7. Go to the Overview page and copy the Application (client) ID and the Directory (tenant) ID to your NotePad document.

    These will also be required during the installation of the Jet Hub components

Install Jet Reports

Note: Not all steps are shown, just those pertaining directly to configuring Active Directory with Office 365 Single Sign On

  1. Run Jet Setup.exe

  2. Enter the Jet Hub URL.  Click Next to continue the install.

  3. When prompted, select Active Directory and check the box for Enable Office 365 Single Sign On. Click Next

  4. Enter the Client Application details that you saved to Notepad and click Next.  When the install is complete, you will be able to login using your Office 365 Account.

  5. After creating the database, if you selected to install the Jet Service Tier, sign in using the Office 365 credentials for the user you want to be the first admin in Jet Hub.  Click Next.

Was this article helpful?
0 out of 0 found this helpful