Project Gateway - Collaborate Gateway Registration and Login with Azure

Overview

After a Collaboration Administrator publishes a project to Project Gateway, collaborators are invited to join the project team. When an external collaborator is invited to join the project, they will receive an email where they will be asked to complete their enrollment to access the CMiC Collaborate system.

To help guide collaborators through the enrollment process after the Azure security transition, step-by-step examples of each of the various options used to register and log into the system are provided below.

NOTE: Group email addresses are not supported. This is a technical limitation of Microsoft. Each user must log in using their individual email account.

NOTE: Collaborators are not required to use a Microsoft account but will be prompted to log in through the Microsoft Login page. From this page, users can log in using other providers such as Google, Yahoo, AOL, or Protonmail, even though the Login page is branded as Microsoft. Users will be prompted to use their email address and the password associated with that email provider, not their previous CMiC Gateway password, to log into Gateway through Azure.

• Project Gateway - Collaborate Gateway Registration and Login with Azure
  • Overview
  • Microsoft Outlook Collaborate Gateway Registration
    • Alternate Email Address
    • Alternate Phone Number
    • Data Handling for External Collaborators
  • Mobile Microsoft Outlook Collaborate Gateway Login
  • Gmail Collaborate Gateway Registration
  • Mobile Collaborate Gateway Google Login
  • OTP Collaborate Gateway Registration
  • Mobile OTP Collaborate Gateway Login
  • Collaborate Gateway Login with MFA Off
  • Mobile OTP Collaborate Gateway Login with MFA Off
  • FAQ

Microsoft Outlook Collaborate Gateway Registration

When registering using Microsoft Outlook, there are two options available for multifactor authentication:

• Alternate Email Address

• Alternate Phone Number

The registration process for each of these options is described below.

Alternate Email Address

This is the process flow users can expect when using an alternate email address as a form of multifactor authentication.

1. In the invitation email, click on the [Join Team] button or copy the link into (ideally) private browsing to continue the registration process.

   

2. You will be directed to the Microsoft Login page. Sign into your account.

   

3. You must accept permissions to continue the registration process.

   NOTE: CMiC does not gain access to users’ mailboxes, OneDrive, Teams, or any personal or sensitive content. This is standard Microsoft B2B OAuth behavior, and access is strictly limited to what’s necessary for authentication and authorization. To learn more, refer to Data Handling for External Collaborators.

   

4. You will be prompted to set up a form of multifactor authentication. In this example, we are using an alternate email address. Enter an alternate email address and press [Next].

   

5. You will receive a Microsoft account security code. In this example, the security code has been sent to the alternate email address specified in the previous step.

   

6. Enter the Microsoft account security code and press [Verify].

   

7. Verify your identity using the alternate email address.

   

8. Verify your alternate email address and press [Send code].

   

9. Enter the Microsoft account security code sent to your alternate email address and press [Next].

   

10. Once multifactor authentication is set up and verified, you will be taken to the project dashboard.

    

Alternate Phone Number

This is the process flow users can expect when using an alternate phone number as a form of multifactor authentication.

1. In the invitation email, click on the [Join Team] button or copy the link into (ideally) private browsing to continue the registration process.

   

2. You will be directed to the Microsoft Login page. Sign into your account and press [Next].

   

3. You must accept permissions to continue the registration process.

   NOTE: CMiC does not gain access to users’ mailboxes, OneDrive, Teams, or any personal or sensitive content. This is standard Microsoft B2B OAuth behavior, and access is strictly limited to what’s necessary for authentication and authorization. To learn more, refer to Data Handling for External Collaborators.

   

4. You will be prompted to set up a form of multifactor authentication. In this example, we are using a phone number. Enter the phone number and press [Next].

   

5. You will receive a Microsoft account security code. In this example, the security code has been sent by text message to the phone number specified in the previous step.

6. Enter the Microsoft account security code and press [Next].

   

7. Verify your phone number to confirm your identity and press [Send code].

   

8. Enter the Microsoft account security code sent to your phone number and press [Verify].

   

9. Once multifactor authentication is set up and verified, you will be taken to the project dashboard.

   

Data Handling for External Collaborators

When users see a Microsoft prompt requesting permission to access their profile data, it’s part of Microsoft Entra ID (formerly Azure AD) B2B collaboration. This prompt appears because the user is being added as a guest in CMiC’s Entra ID tenant to securely access a shared application via OAuth.

To clarify:

• No privileged or sensitive data (e.g., emails, documents, passwords, or full directory access) is shared with CMiC.

• The permissions shown include:

  • Receive your profile data – This refers to basic directory information (e.g., name, email, tenant ID) that is required to authenticate and identify the user within the application.

  • Collect and log activity data – This refers only to access logs (e.g., sign-ins, usage) for auditing and security purposes. It does not include content or communications.

  • Use your profile data and activity data – This is solely for identifying users within the application and tracking their access to the app for compliance.

We do not receive access to any users’ mailboxes, OneDrive, Teams, or any personal or sensitive data. Rest assured that this is standard Microsoft B2B OAuth behavior and that access is restricted to only what’s needed to authenticate and authorize the user.

Mobile Microsoft Outlook Collaborate Gateway Login

This is the process flow users can expect when logging in using mobile with Microsoft Outlook.

1. Launch the Construct PM app and tap the [Sign in with Microsoft] button. Sign into your account using your email address and tap [Next]. You will need to verify your identity using multifactor authentication. In this example, we are using an alternate email address as a form of multifactor authentication. Verify your alternate email address and tap [Send code].

   NOTE: Refer to Microsoft Outlook Collaborate Gateway Registration above for more information on setting up multifactor authentication options.

   

2. Enter the Microsoft account security code sent to your alternate email address and tap [Sign in]. Check the 'Don't show this again' box to stay signed in, so you don't have to sign in again next time. Tap [Yes] to proceed to Collaborate Gateway.

   

Mobile Collaborate Gateway Google Login

This is the process flow users can expect when logging in using mobile with Google.

1. Launch the Construct PM  app and tap the [Sign in with Microsoft] button. You will be prompted with a pop-up where you should choose [Continue] to proceed with signing in.

   

2. You will be directed to the Microsoft Login page. Sign into your account and click [Next].

   

3. You will be redirected to Google to sign in.

   

4. On the Google Sign in page click [Next] to continue.

   

5. Enter your password and click [Next] to continue.

   

6. Click [Continue] to sign in via OAuth. After entering your credentials,you won't need to authenticate every time you access the app. Instead, you will simply confirm that you wish to proceed with signing in via OAuth, and you will be directed to the project dashboard to enter your project.

   

Mobile OTP Collaborate Gateway Login

This is the process flow users can expect when logging in using mobile with OTP (One-Time Password). In our example, we are using AOL.

1. Launch the Construct PM app and tap the [Sign in with Microsoft] button. Sign into your account using your AOL email address or other provider and tap [Next].

   

2. A one-time passcode will be sent to your alternate email provider (AOL in this case).

   

3. Enter your one-time password and tap [Sign in]. Approve the sign in request by opening your Authenticator app and entering the number shown to sign in. Proceed to Collaborate Gateway.

   

Collaborate Gateway Login with MFA Off

This is the process flow users can expect when logging in with multifactor authentication (MFA) off.

1. If using https://cmiccollaborate.com/cmictest, you will be redirected to the Microsoft login page. Enter your email address and click [Next].

   

2. If using a Gmail account, you will be redirected to Gmail. Enter your email address and click [Next].

   

3. You will be prompted to enter your password. Enter it and click [Next].

   

4. Next you will be prompted to enter a verification method (e.g., phone number). When finished, click [Next].

   

5. A verification code will be sent based on the method being used and will need to be entered. When finished, click [Next].

   

6. Once your account has been verified, you will be taken to the project dashboard.

   

Mobile OTP Collaborate Gateway Login with MFA Off

This is the process flow users can expect when logging in using mobile with multifactor authentication (MFA) off using OTP (One-Time Password).

1. Select your server and tap the [Sign In with Microsoft] button. Sign into your account using your email address and tap [Next].

   

2. If you are using a non-federated email provider, you will be sent a one-time passcode to enter before being taken to the project dashboard in Collaborate.