TECHNICAL GUIDE SSO SAML Azure AD


At 360Learning, we don't make promises about technical solutions, we make commitments.

This technical guide is part of our Technical Documentation. Version 1.0

360Learning is a Leading European Cloud Solution Provider

As a leading Cloud Solution Provider, we are strongly committed to providing our clients with high levels of security, SLAs and privacy, both in the contractual engagements we make and the technical infrastructure we build. We comply with French law requirements, which are the most restrictive in terms of Data, Security & Privacy.

Nicolas Hernandez
CEO, 360Learning

For more information, please contact us: product@360learning.com www.360learning.com

Table of contents

Introduction
Process
Standard process
SSO Process
Configuration
Adding an unlisted application
Azure AD Single Sign-On
Assigning users and groups to your SAML application

Introduction

Single Sign-On (SSO) is an authentication mechanism that allows users to access several applications with only one set of login credentials. By enabling SSO for your 360Learning application, you become responsible for the authentication of your users: they get authenticated through your own login portal and no longer need an additional login / password.

Communication between your authentication system and 360Learning can be handled by several technologies including SAML (Security Assertion Markup Language), a format based on XML. SAML is supported by many services and can be easily integrated with your corporate authentication system, for example Windows Active Directory.

Process

While using SSO, the process involved is slightly different and requires several browser redirections and message exchanges using SAML.

Standard process

1. An unauthenticated user requests access to your 360Learning space.
2. The user is redirected to the login page of your 360Learning space where he can provide his login and password.
3. 360Learning grants him permission and redirects him to your space.

SSO Process

1. An unauthenticated user requests access to your 360Learning space.
2. 360Learning redirects him to your own login URL.
3. The user gets authenticated using your own authentication process.
4. A secured SAML payload containing information about the user is created.
5. The user gets redirected to our endpoint with the SAML payload.
6. 360Learning analyzes the payload, grants the user permission and redirects him to your 360Learning space.

Configuration

In this part, we focus on how to configure SSO with Azure AD (Microsoft Azure Active Directory).

To enable SSO for your 360Learning space, first contact your designated account manager: he will guide you through the entire integration process and give you the Reply URL required to configure your Azure AD.

Adding an unlisted application

To connect an application using an app integration template, sign into the Azure management portal using your Azure Active Directory administrator account, browse to the Active Directory > [Directory] > Applications section, select Add, and then Add an application from the gallery.

In the app gallery, you can add an unlisted app using the Custom category on the left. After entering a Name for your application (360Learning), you can configure the single sign-on options from the following screen:

To start, select Configure Single Sign-On. On the next screen, select Windows Azure AD Single Sign-On and press the next arrow.

Azure AD Single Sign-On

You are now prompted to enter three different URLs corresponding to the SAML endpoints for the 360Learning application. Set the following parameters:

o Sign on url: https://yoursubdomain.360learning.com (please check that a subdomain has already been defined in your 360Learning application settings)
o Identifier: https://app.360learning.com
o Reply url: the reply url you received from your account manager

After these have been entered, click Next to proceed to the next screen.

Download the certificate and save it on your disk (you will need to send it to your account manager). Set the following parameters (which may have been pre-filled by Azure AD):

o Issuer url: the entityid in your Federation metadata
o Single sign-on service url: the SingleSignOnService Location url in your Federation metadata
o Single sign-out service url: the SingleLogoutService Location url in your Federation metadata

Note: Your Federation metadata is available at: https://login.microsoftonline.com/<TenantDomainName>/FederationMetadata/2007-06/FederationMetadata.xml

Click the Next button and then Complete to close the dialog box.

Assigning users and groups to your SAML application

As a security control, Azure AD will not issue a token allowing users to sign in to 360Learning unless they have been granted access using Azure AD. Users may be granted access directly, or through a group that they are a member of.

To assign a user or group to 360Learning, click the Assign Users button. Select the user or group you wish to assign, and then select the Assign button.

Assigning a user will allow Azure AD to issue a token for the user, as well as causing a tile for 360Learning to appear in the user's Access Panel. An application tile will also appear in the Office 365 application launcher if the user is using Office 365.

Your application is now ready for testing. Please send the certificate, along with the Single sign-on service url and the Single sign-out service url, to your account manager, who will get back to you for the next steps.
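The Issuer url, Single sign-on service url and Single sign-out service url can be read straight out of the Federation metadata, together with a SHA-256 fingerprint of each signing certificate that can be compared with the certificate file you send. The script below is an added example, not part of the 360Learning guide; the function name `idp_settings`, the zeroed tenant ID and the fake certificate bytes are assumptions, and the sample metadata is constructed and trimmed to the elements this guide uses.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample: placeholder tenant ID and fake certificate bytes.
FAKE_DER = b"constructed placeholder, not a real certificate"
TENANT = "https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000"
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://sts.windows.net/00000000-0000-0000-0000-000000000000/">
 <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <KeyDescriptor use="signing"><KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
   <X509Data><X509Certificate>{base64.b64encode(FAKE_DER).decode()}</X509Certificate></X509Data>
  </KeyInfo></KeyDescriptor>
  <SingleLogoutService Location="{TENANT}/saml2"/>
  <SingleSignOnService Location="{TENANT}/saml2"/>
 </IDPSSODescriptor>
</EntityDescriptor>"""


def idp_settings(metadata_xml: str) -> dict:
    """Return the three URLs the guide asks for plus signing-cert fingerprints."""
    if "<!DOCTYPE" in metadata_xml:  # SAML metadata never needs a DTD
        raise ValueError("DTD not allowed in federation metadata")
    root = ET.fromstring(metadata_xml)
    idp = root.find("md:IDPSSODescriptor", NS)
    if idp is None or not root.get("entityID"):
        raise ValueError("not IdP federation metadata")

    def location(tag: str) -> str:
        el = idp.find(f"md:{tag}", NS)
        url = el.get("Location", "") if el is not None else ""
        if not url.startswith("https://"):
            raise ValueError(f"{tag} missing or not HTTPS")
        return url

    # Metadata can list several signing certificates, e.g. during key rollover.
    certs = idp.findall("md:KeyDescriptor[@use='signing']//ds:X509Certificate", NS)
    if not certs:
        raise ValueError("no signing certificate in metadata")
    prints = [hashlib.sha256(base64.b64decode("".join(c.text.split()))).hexdigest()
              for c in certs]
    return {"issuer_url": root.get("entityID"),
            "sso_url": location("SingleSignOnService"),
            "slo_url": location("SingleLogoutService"),
            "signing_cert_sha256": prints}


if __name__ == "__main__":
    print(idp_settings(SAMPLE_METADATA))
```

Run it against the XML saved from your own Federation metadata URL, and read the fingerprint to your account manager over a separate channel so a swapped certificate file is noticed.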