This feature is supported by Acumatica 2019R2 and later


System administrators can configure Acumatica to support single sign-on with a variety of identity providers, such as Google or Azure ActiveDirectory. It is also possible to set up two-factor authentication with these services, or with Acumatica directly.

In this topic, we'll look at:

  • Configuring an OAuth2* (aka "single sign-on") connection with Velixo Reports

  • Single sign-on (SSO) with username and password only

  • Easy configuration with an Acumatica customization package

  • Importing and publishing the required customization project

*OAuth 2.0 is the industry-standard protocol for multi-factor authorization. 

Required Package

Velixo provides an Acumatica customization package to facilitate the configuration process for system administrators. For more information on how to do this, see Installing the Acumatica customization package.

Configuring a single sign-on connection with Velixo

Acumatica 2019 R2 (and newer) supports single sign-on with a variety of identity providers, as well as two-factor authentication with these services or with Acumatica directly.

If you enable Acumatica two-factor authentication, you will not be able to login from Excel using only the Velixo username and password. Instead, you'll need to authenticate using a procedure that is much like other Internet services which permit you to login using your Azure or Google account.

Users of Acumatica 2019 R2 or later can configure external applications such as Velixo Reports to work with single-sign-on.

Step by Step

Follow these steps to configure a connection to an Acumatica account that authenticates with single sign-on:

  1. Click the small (OAuth) key button in the Connection Manager popup window.


  2. A popup window will appear in your default browser and prompt you to sign in to Acumatica (unless you are already signed in).


  3. From the displayed web page, you have access to every authentication mechanism supported by Acumatica (e.g., username/password, two-factor authentication) as well as any single sign-on service that has been configured in Acumatica. Be sure to leave all options checked so that you will continue to have access to the connection for the full time allowed by your system's configuration.


  4. In order for your browser to return you to Velixo Reports, you'll have to give permission for that to happen:


    Note: To avoid having to click Open every time you log in through Velixo, you can check the "Always allow..." checkbox.


Under some conditions, your browser may not close the SSO Permissions window:


If this occurs and you click Yes, Allow a second time, a message will appear letting you know you can simply close the window and return to Velixo Reports.

Easy configuration with an Acumatica customization package

Inside Excel, we have programmed this feature to be as unobtrusive as possible. If you have not performed the necessary configuration for Velixo single sign-on (or your Acumatica version does not support it) then you won't see the Connect with Single Sign-On button.

Duration of SSO Authorization

Upon going through the process of configuring Velixo to utilize Acumatica's Single Sign-on (SSO) capabilities, your computer system will be authorized to use those capabilities for a pre-determined period of time. A piece of software (referred to as an "Authorization Token") is established for your system. The amount of time for which the token is valid can vary based on your Acumatica and network configuration.

Depending on your organization's configuration, the duration can be anywhere from the current session to one hour to a week.

Once that period of time has passed (i.e., the token has "expired") and you attempt to connect to Acumatica through Velixo, you will once again be prompted to renew the token by repeating the process and re-authorize the connection.

Did this answer your question?