Step 2 – Create a new Enterprise Application
Switch to Enterprise Application Section
Create new Enterprise Application
Select Create own Application
Enter a unique name, such as the URL of your Simplifier instance, and choose the option "Integrate any other application you don’t find in the gallery"
Click the Create Button below
After creating the App, you will be redirected to the App Settings.
Choose Single-Sign-On in the left menu and then click on the SAML Tile
Step 3 – Configure Simplifier Service Provider
Go to Settings – Authentication and create a new Identity Provider
The following settings are needed for SAML Authorization against Azure.
|Service Provider Endpoint||The endpoint URL which needs to be configured in the SAML Identity Provider|
|Service Provider Metadata URL||The Metadata Document URL for upload or exchange into the Identity Provider|
|Display Name||The display name is shown on the login button.|
|Sign Assertions||If set, the assertions within the SAML Response will also be signed. This should be activated for Azure Active Directory.|
|Maximum Lifetime (in seconds)||Used to determine whether a user login request is sent within a valid time period of the user’s last login. If yes, the user is automatically logged in without the need to enter a user name and password again. Recommended Default Value: 28800|
|Service Provider Entity ID||Unique ID for registering Simplifier within the external Identity Provider. This ID will also be exchanged by the Metadata URL.|
|Get IDP Metadata via URL||You should switch this on (Recommended) for exchanging the metadata directly with the Identity Provider|
|URL for IDP Metadata||URL for the metadata provided by Azure Active Directory|
|Icon||Optional Icon for Display in the Logon Button|
Copy the Service Provider Endpoint URL and Service Provider Metadata URL into Azure SAML Configuration
After saving the configuration, copy the App Federation Metadata URL back into Simplifier, in the field URL for IDP Metadata
Proceed by clicking on User Detail (Claim Setting)
Unique Username (Name-ID) for Simplifier User
The path which points to the entry of the user profile containing the first name.
Default Value: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname
The path which points to the entry of the user profile containing the last name.
The path which points to the entry of the user profile containing the email
|Mobile Phone Number||The path which points to the entry of the user profile containing the mobile phone number.|
Save the Configuration
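To confirm that the Sign Assertions, Maximum Lifetime and claim path settings above match what Azure actually sends, you can inspect a decoded SAML response captured from your own test login. The following is an added example, not code from Simplifier or Microsoft; the sample response is constructed, the function name is hypothetical, and comparing Maximum Lifetime against the assertion's AuthnInstant is an assumption about how the setting is evaluated.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
GIVENNAME = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"

# Constructed sample (signature body elided); not a real Azure response.
SAMPLE = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
 xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
 <saml:Assertion ID="_a1">
  <ds:Signature><ds:SignedInfo/></ds:Signature>
  <saml:Subject><saml:NameID>jane.doe@example.com</saml:NameID></saml:Subject>
  <saml:AuthnStatement AuthnInstant="2024-01-10T08:00:00Z"/>
  <saml:AttributeStatement>
   <saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname">
    <saml:AttributeValue>Jane</saml:AttributeValue>
   </saml:Attribute>
  </saml:AttributeStatement>
 </saml:Assertion>
</samlp:Response>"""

def inspect_response(xml_text, now, max_lifetime=28800):
    """Troubleshooting aid for a response you captured yourself; it does not
    verify the signature and is not a substitute for the service provider."""
    assertion = ET.fromstring(xml_text).find("saml:Assertion", NS)
    if assertion is None:
        raise ValueError("no unencrypted Assertion found in the response")
    stmt = assertion.find("saml:AuthnStatement", NS)
    if stmt is None:
        raise ValueError("Assertion carries no AuthnStatement")
    # Azure timestamps end in 'Z'; normalise for fromisoformat on older Pythons.
    instant = datetime.fromisoformat(stmt.get("AuthnInstant").replace("Z", "+00:00"))
    age = (now - instant).total_seconds()
    claims = {a.get("Name"): a.findtext("saml:AttributeValue", namespaces=NS)
              for a in assertion.findall("saml:AttributeStatement/saml:Attribute", NS)}
    return {
        # Presence only: shows the assertion itself (not just the response) is signed.
        "assertion_signed": assertion.find("ds:Signature", NS) is not None,
        "name_id": assertion.findtext("saml:Subject/saml:NameID", namespaces=NS),
        "age_seconds": age,
        # Assumption: Maximum Lifetime is compared against the last login time.
        "within_lifetime": 0 <= age <= max_lifetime,
        "claims": claims,
    }

if __name__ == "__main__":
    now = datetime(2024, 1, 10, 12, 0, 0, tzinfo=timezone.utc)
    print(inspect_response(SAMPLE, now))
```

If the claim URI configured in User Detail is missing from the returned claims, or assertion_signed is False, correct the Azure claim mapping or signing option before testing the login again.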
Step 4 – Assign User and/or Groups to Enterprise Application
In the Azure portal, you have to assign single users or groups so that they can log in to Simplifier successfully
Step 5 – Single-Sign-On for Connector / Integration
If you have successfully authenticated against your external identity provider, you can set up your connector endpoints for passing through the SAML Token.