This document describes how to Integrate Authomize into Azure’s Single Sign On (SSO) service.
Single sign-on (SSO) allows seamless authentication for end users. When enabled, cloud services (including Authomize) use your identity provider to authenticate user identity and roles on your enterprise directory.
In other words, once a user has signed into Azure, they can launch any other
Azure integration workflow
Setting up Authomize for SSO
- Log into Authomize.
- Go to Settings > SSO
-
- Click to Enable SSO
- Enter a Title
- Enter email domain (or domains separated by commas)
- Identity provider’s SSO URL (provided by Azure)
- Certificate (will be provided later by Azure)
- Keep this page open in a browser as you will need to copy and paste the Single sign on URL and Audience URI fields (from the bottom of the SSO Settings page) into Azure’s SAML Configuration dialog.
Integrating Authomize into Azure
- Log into https://portal.azure.com/#home:
- Click the Azure Active Directory
- In the Azure Active Directory click Enterprise applications.
- In the Enterprise applications page click New application.
- In Browse Azure AD Gallery click Create your own application.
- In the Create your own application dialog:
- Supply an application name
- Select Integrate any other application you don’t find in the gallery.
- Click Create.
After a few minutes, the application overview appears.
7. In the [Application Name] overview, click Single sign-on from the menu.
8. In the Single Sign-on dialog, click SAML.
9. The following SAML-based Sign-on dialog will open:
10. Click Edit in the Basic SAML Configuration section and then:
-
- Copy the Audience URI field from Authomize’s SSO Settings dialog
to the Identifier (Entity ID) field in Azure’s Basic SAML Configuration dialog. - Copy the Single sign on URL field from Authomize’s SSO Settings dialog
to the Reply URL field in Azure’s Basic SAML Configuration dialog. - Click Save.
- Copy the Audience URI field from Authomize’s SSO Settings dialog
11. Saving the SAML configuration causes several fields to be loaded into the SAML Certificate.
12. Click the Download button to download your SAML Certificate.
Setting up Authomize for SAML
- Go to the SSO Settings page and:
- Select Enable SSO
- Enter a title (such as Azure SSO)
- Enter your email domain
- Copy the Login URL field from Azure’s SAML-Based Sign-in page (in section ❹)
- Open the certificate in an editor and copy the contents into the certificate field in the
Authomize SSO Settings - Click Save Configuration
Note: Authomize can only integrate with one SSO at a time.
Assigning Employees to the Authomize App on Authomize
In the Settings>User Management dialog add users that aren’t already on the list.
Assigning Employees to the Authomize App on Azure
If your organization uses Azure AD for SSO, all employees are probably already listed. However, they are not necessarily listed as Authomize users. To “assign” Azure users to Authomize, and thereby, give them access to Authomize go to the Users and Groups dialog, click Add user/group, and select Authomize users from the list.
Testing the Integration
- Go to Authomize and log in with the new user’s credentials.
- If the SSO is working, it will appear as a login option. Click it.