Using Azure Active Directory as Your Identity Provider

Azure Active Directory (Azure AD) is a third-party identity provider that can act as the IdP when your users log on to the Web Console or the Admin Console.

To integrate with Azure AD, add a SAML application in the Admin Console and in your Azure AD account.

Before You Begin

You must have the Azure Active Directory Premium P1 or Premium P2 edition. For information, go to the Microsoft Azure Active Directory documentation.

Procedure

  1. In the Admin Console, begin to configure the SAML application:
    1. Open the Add SAML App dialog box, and in the Webconsole url box, copy the URL.

      For example, https://mycompany:443/webconsole

      For information about adding a SAML application in the Admin Console, see Adding Identity Servers.

    2. Keep the Add SAML App dialog box open.
  2. From the Microsoft Azure portal, create a new application using SAML as the sign on method:
    1. From the navigation pane, go to Azure Active Directory > Enterprise applications, and then click New application.
    2. Under Add an application, click the Non-gallery application tile.
    3. Enter a name for the application, and then click Add.
    4. Review the overview, and complete the following steps required by Microsoft: Assign a user for testing and Create your test user in test.
    5. Click Configure single sign-on.
    6. Under Single sign-on, in the Single Sign-on Mode list, click SAML-based Sign-on.

      The SAML single sign-on options appear.

    7. Under Domain and URLs, in the Identifier box, paste the entity ID that you copied from the SAML app in the Admin Console.

      Similarly, in the Reply URL box, paste the single sign-on URL that you copied from the Admin Console.

    8. Under User Attributes, in the User Identifier box, enter user.userprincipalname.

    9. To download the IdP metadata file, under SAML Signing Certificate, in the DOWNLOAD column, click Metadata XML.

  3. In the Admin Console, complete the SAML application:
    1. To upload the IdP metadata XML file, in the open Add SAML App dialog box, next to Upload IDP metadata, click Browse.
    2. Select the IdP metadata XML file that you downloaded from the Microsoft Azure portal.
    3. Complete the application and click Save.

      For information about adding a SAML application in the Admin Console, see Adding Identity Servers.

Last modified: 4/25/2019 8:17:52 PM