Single Sign On (SSO) Setup Guide

Please be aware, this feature is only available on v15.5.1 and above. You can find information about upgrading/patching here.

 

 

Pre-Requisites:

As of version 16.0.0 and later, you must setup Graph AD Sync BEFORE you setup your Single Sign In (SSO) configuration.

This requires you have an "Enterprise Application" setup with your secret key in Azure and all your users and groups that you want to have access to your Intranet are already setup inside.

 

Setup Single Sign On

Complete the following steps to set up Single Sign On using Azure Entra ID

 

Configure Entra ID

  1. Login to https://portal.azure.com and click Manage Microsoft Entra ID
  2. On left side menu click Enterprise Applications2.png

     
  3. Click New Application
    3.png

     
  4. Click Create your own application



     
  5. Set a Name for application and select the Integrate any other application …
    5.png

     
  6. Click Single Sign-on then Select SAML


     
  7. Click the "Edit" Pencil button inside the box labelled "Basic SAML Configuration".

     
  8. Set Intranet Home Page address for Identifier and Login Page Address for Reply URL and click Save

    Click "Add Identifier" and "Add reply URL" buttons so the form entries appear:


     
  9. Check the configuration
    14.png
     
  1. Note: Test Sign in will not work before completing all steps
    15.png

Configure Intranet Application

  1. Login with a Superadmin account and select Admin Menu
    16.png
     
  2. In Security Tab Click on Authentication Mode

    17.png

     
  3. Check Single Sign-On (SSO) option and Save

    18.png

     
  4. Back to Security Tab and Click on Single Sign On

    19a.PNG

     
  5. In Azure Portal select the application and copy App Federation Metadata Url

    20.png

     
  6. Paste in Metadata XML Url and click Import

    21.png

     
  7. In Azure Portal from Properties copy User access URL

    22.png

     
  8. Paste in Login Url and click Save
    22.png

     
  9. For Mapping Unknown SSO User to new user or existing one Click on Single Sign-On Mapping

    24.png

     
  10. In Azure Portal select the application and copy App Federation Metadata Url (Repeat step 20)

    25.png
     
  11. Paste in Metadata XML Url and click Import

    26.png

     
  12. Fill Name ID Field if you need to map Existing User (Entra ID default value is selected in screenshot)

    27.png
     
  13. Fill Create New User, Person and Employee fields if you need to create New User (Entra ID default values are selected in screenshot)

    28.png
     
  14. Click Save

    29.png

     
  15. New users can add missing personal information by editing their profiles. Which fields users can edit is controlled in Manage Fields from Directory Tab
    30a.PNG

    30.png

Related articles

Powered by Zendesk