Make the Xakia sign-in process easy for users, by linking to your federated identity service with Microsoft Entra (formerly known as Azure Active Directory)
Xakia currently supports Federated Identity (also known as single sign on) via Microsoft Entra, using the OpenId Connect (OIDC) protocol. This is available at all subscription levels.
In this article:
Setting up Microsoft Entra (Azure Active Directory) in Xakia
Xakia's federated identity is configured at the Location Level, but will require the assistance of Microsoft Entra Global Administrator for your organization. This is possibly someone from your internal IT team who may need to be added as a user in Xakia to manage this process.
In order to configure Federated Identity in Microsoft Entra, please follow the steps below:
Click on 'Admin' in the top navigation menu
Click on 'Security' in the left hand menu
Select the 'Federated identity' tab
In the 'Identity provider' field, select "Azure Active Directory - Sync Job"
Click 'Save' to confirm Microsoft Entra as your provider
Click 'Get the app'
This will take you to Microsoft Entra
Please follow the prompts to accept the permissions for the terms of application (see below)
Once these steps have been completed, the following fields will be automatically populated in Xakia:
Consent Granted by (person who provided consent)
Consent granted on (date of acceptance in UTC)
Note: Xakia requires read access to your Microsoft Entra Directory in order to synchronize authorized users into Xakia. This allows Xakia administrators to configure roles, groups and access levels for those users in Xakia.
Adding and removing users in Microsoft Entra
Once Xakia is connected to your Microsoft Entra, your Microsoft Entra Global Administrator can manage users by following this process. (This person will be familiar with this process when adding users to a connected user group):
Within Microsoft Entra, select the 'Enterprise applications' blade
Select the Xakia application from the list
Select the 'Users and Groups' blade
Click '+ Add User' from the top tool bar
Select users and/or groups from your internal team to add to Xakia by clicking 'Assign'
After all steps have been completed in Microsoft Entra, please return to Xakia and click 'Sync Users Now'. An automatic sync will occur daily, but if you wish to prompt this process manually (when users have been added or removed), you may do so at any time.
By default, the Xakia user sync process will bring any user assigned to the Xakia Microsoft Entra App into the location. This is fine for clients with a single location. However, clients with multiple locations will note that the user sync process will bring the same set of users from Microsoft Entra into all Xakia locations. Most clients will want to have a separate set of users for each location. To achieve this, Xakia clients with multiple locations will need to consider using a Microsoft Entra Group for each location to ensure that only the desired set of users are brought into each location.
Create a Security Group in Microsoft Entra that corresponds to the Xakia users in the given location
Allocate the desired Microsoft Entra users to the Microsoft Entra Group created above
Assign the group created above to the Xakia Microsoft Entra App. If your Microsoft Entra plan does not allow this, you must ensure that each individual user in the group is assigned to the Xakia Microsoft Entra App
In the Xakia Federated Identity configuration screen, set the 'User Sync Group' field to the name of the Microsoft Entra Group created above and click 'Save'
Click the 'Sync Users Now' button to initiate a user sync
Repeat for each desired location
Note: Only the users in Microsoft Entra that have been assigned to the Xakia Microsoft Entra App (either directly or transitively through a group) AND are a member of the given User Sync Group are brought in to the location.
Inviting users and managing the user profile in Xakia
After users have been synced with Microsoft Entra (this may take a few minutes), they will be visible in Xakia:
Navigate to the 'Users' tab in the 'Security' section of the 'Admin' area
Use the filter on the top right hand corner and select 'All Users' from the drop down list
All users are now listed and the following user profile attributes can be assigned individually:
Role (defaults to mid-level lawyer)
Group (defaults to show no Group membership)
Access (defaults to All Matters)
Analytics access (defaults to no)
You can go ahead and send an invitation to each user (or those who are new to the system)
Click link in email
Click Register. Users will receive an invitation and must complete their registration as follows:
User access under Microsoft Entra
Following registration, clients who are in their Microsoft Entra environment (eg. Office 365), will be required only to enter their username (ie. email address) in order to access Xakia, but not their password.
Once you have set up SSO in Xakia, Internal Clients can also log into the Internal Client Portal via Microsoft Entra. If the internal client is set up through Microsoft Entra, they can access the Internal Client Portal directly through the Portal URL.
When visiting the Portal for the first time, they will be provisioned automatically when they enter their email address.
Note: You should not add them to the user Group in Microsoft Entra, as Xakia will recognize them as users to the platform (as opposed to the Internal Client Portal).