SAML Setup With Azure As The Identity Provider

How do you set up Single Sign-On (SSO) authentication for Orchestrator using Azure as the SAML provider?

To configure SAML for SSO with Azure as the Identity Provider, use the settings below.

Within the Azure Portal:

  1. 'Basic SAML Configuration' Section:
  • Identifier (Entity ID): https://{Orchestrator URL}/identity
  • Reply URL: https://{Orchestrator URL}/identity/Saml2/Acs
  • The other fields are optional.

  2. 'SAML Signing Certificate' Section:

Provide the value of the service provider certificate thumbprint under the 'Thumbprint' field, along with the expiration date.

Within the Identity Management Portal:

  1. Display name: Of your choice
  2. Service Provider Entity ID: https://{Orchestrator URL}/identity
  3. Identity Provider Entity ID:
  • To get this value, open the Azure portal, navigate to the “SAML Signing Certificate” section and copy the value of “App Federation Metadata Url”.
  • Open that URL in a browser and copy the “entityID” value from the XML response (highlighted in yellow in the second image below).
  • Append a trailing slash to the value when entering it in the Identity Management portal.

  4. Single Sign-On Service URL:
  • {URL obtained from metadata}/saml2
  • See below for reference (highlighted in yellow).

  5. Return URL: https://{Orchestrator URL}/identity/externalidentity/saml2redirectcallback
  6. Store name: Set to 'My' from the drop-down list.
  7. Store location: Set to 'LocalMachine' for Windows deployments; set to 'CurrentUser' for Azure Web App deployments.
  8. Thumbprint: Thumbprint value of the service provider certificate.
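The metadata steps above (read the “entityID”, append the trailing slash, take the .../saml2 sign-on URL) can be checked with a short script; this is an added example, not part of the original article or of Orchestrator. The sample XML is constructed with a placeholder tenant ID, and the function name `idp_settings` and the HTTPS and DTD checks are assumptions of this example.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

MD = {"md": "urn:oasis:names:tc:SAML:2.0:metadata"}
TENANT = "00000000-0000-0000-0000-000000000000"  # placeholder, not a real tenant

# Constructed sample shaped like a federation metadata response (trimmed).
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://sts.windows.net/{TENANT}">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://login.microsoftonline.com/{TENANT}/saml2"/>
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://login.microsoftonline.com/{TENANT}/saml2"/>
  </IDPSSODescriptor>
</EntityDescriptor>"""


def idp_settings(metadata_xml: str) -> dict:
    """Return the two IdP values to enter in the Identity Management portal."""
    # The stdlib parser expands internal entities, so refuse any DTD up front.
    if "<!DOCTYPE" in metadata_xml or "<!ENTITY" in metadata_xml:
        raise ValueError("metadata contains a DTD; refusing to parse")
    root = ET.fromstring(metadata_xml)
    if root.tag != "{%s}EntityDescriptor" % MD["md"]:
        raise ValueError("root element is not a SAML EntityDescriptor")
    entity_id = root.get("entityID", "")
    locations = [e.get("Location", "") for e in
                 root.findall("md:IDPSSODescriptor/md:SingleSignOnService", MD)]
    sso_urls = [u for u in locations if urlsplit(u).path.endswith("/saml2")]
    if not entity_id or not sso_urls:
        raise ValueError("entityID or a .../saml2 SingleSignOnService is missing")
    for url in (entity_id, sso_urls[0]):
        if urlsplit(url).scheme != "https":
            raise ValueError(f"non-HTTPS endpoint in metadata: {url}")
    if not entity_id.endswith("/"):
        entity_id += "/"  # the portal value needs the trailing slash
    return {"Identity Provider Entity ID": entity_id,
            "Single Sign-On Service URL": sso_urls[0]}


if __name__ == "__main__":
    for field, value in idp_settings(SAMPLE_METADATA).items():
        print(f"{field}: {value}")
```
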

Why are there no images? Is it just me, or can no one see the attachment images?

Thank you!