
Using Azure Active Directory as Your Identity Provider

Azure Active Directory (Azure AD) is a third-party identity provider that can act as the IdP when your users log on to the Web Console or the Command Center.

To integrate with Azure AD, add a SAML application in the Command Center and in your Azure AD account.

Before You Begin

You must have the Azure Active Directory Premium P1 or Premium P2 edition. For information, go to the Microsoft Azure Active Directory documentation.

Procedure

  1. From the Microsoft Azure portal, create a new application using SAML as the sign-on method:
    1. From the navigation pane, go to Azure Active Directory > Enterprise applications, and then click New application.
    2. Under Add an application, click the Non-gallery application tile.
    3. Enter a name for the application, and then click Add.
    4. Review the overview, and complete the following steps required by Microsoft: Assign a user for testing and Create your test user in test.
    5. Click Configure single sign-on.
    6. Under Single sign-on, in the Single Sign-on Mode list, click SAML-based Sign-on.

      The SAML single sign-on options appear.

    7. On the SAML-based Sign on page, under SAML Signing Certificate, click the Download hyperlink next to Federation Metadata XML.

  2. In the Command Center, begin to configure the SAML application:
    1. Open the Add domain dialog box, and then click SAML.
    2. In the Webconsole url box, copy the URL.

      For example, https://mycompany:443/webconsole

      For information about adding a SAML application in the Command Center, see Adding a SAML Application.

    3. Keep the Add domain dialog box open.
  3. From the Microsoft Azure portal, go to SAML-based Sign on > Basic SAML Configuration, and then click Edit.
    1. In the Identifier (Entity ID) box, paste the entity ID that you copied from the SAML app in the Command Center.
    2. Similarly, in the Reply URL (Assertion Consumer Service URL) box, paste the single sign-on URL that you copied from the Command Center.
    3. Click Save.
    4. Under User Attributes & Claims, in the Unique User Identifier box, select user.userprincipalname.

Last modified: 9/27/2019 9:14:38 PM