Configure SSO with Azure AD

Required permissions
  • You must have the Users Manager permission for the DoiT Console.

  • You must have one of the following roles in Azure AD: Global Administrator, Cloud Application Administrator, Application Administrator, or owner of the service principal.

SAML setup

Create a SAML application

To create a SAML application in Azure AD:

  1. Sign in to the Azure portal.

  2. In the Azure services section, select Azure Active Directory, and then select Enterprise applications. This opens the All applications pane, which lists the applications in your Azure AD tenant.

  3. Select New application, and then select Create your own application.

  4. Enter a name for your new application and then select Create to create the application.

  5. In the Getting Started section, select 2. Set up single sign on, and choose SAML as the single sign-on method.

  6. On the Set up Single Sign-On with SAML pane, select Edit in Basic SAML Configuration.

  7. Configure the basic settings for your IdP with the following values from the DoiT Console:

    • Identifier (Entity ID): The Service provider entity ID provided in the DoiT Console.

    • Reply URL (Assertion Consumer Service URL): The Callback URL provided in the DoiT Console.

    • Sign on URL: The IdP Login URL provided in the DoiT Console.

  8. Save the configuration.

Configure SAML in the DoiT Console

Use the application settings generated by Azure AD in the previous step to configure SAML in the DoiT Console.

  1. Log in to the DoiT Console, select the gear icon from the top navigation bar, and then select Identity & access.

  2. Select Single sign-on from the left-hand menu, and then select Configure (or Edit configuration) in SAML.

  3. Copy the SAML application settings to the corresponding fields in the DoiT Console.

    • Entity ID: The Azure AD Identifier provided in the Set up {appName} section in the Azure portal.

    • SSO URL: The Login URL provided in the Set up {appName} section in the Azure portal.

    • Certificate: The SAML certificate in Base64 format that can be downloaded in the SAML Certificates section in the Azure portal.

  4. Save the configuration. SAML will be automatically enabled when you press Confirm.
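
Because SAML is enabled as soon as you confirm, it helps to check the three copied values against the IdP's own metadata first. The following is an added example, not part of the DoiT or Azure documentation: it assumes you have also downloaded the Federation Metadata XML from the SAML Certificates section, and the sample metadata, tenant ID, certificate bytes, and function names are all constructed for illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"

# Constructed sample: placeholder tenant ID, and certificate bytes that are
# NOT a real X.509 certificate (enough to demonstrate the comparison).
SAMPLE_CERT_B64 = base64.b64encode(b"constructed placeholder DER bytes").decode()
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://sts.windows.net/00000000-0000-0000-0000-000000000000/">
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <KeyDescriptor use="signing">
      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"><X509Data>
        <X509Certificate>{SAMPLE_CERT_B64}</X509Certificate>
      </X509Data></KeyInfo>
    </KeyDescriptor>
    <SingleSignOnService Binding="{REDIRECT}"
        Location="https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000/saml2"/>
  </IDPSSODescriptor>
</EntityDescriptor>"""

def thumbprint(cert_text):
    """SHA-1 thumbprint (uppercase hex) of a PEM or bare Base64 certificate."""
    body = "".join(line.strip() for line in cert_text.splitlines()
                   if "-----" not in line)
    return hashlib.sha1(base64.b64decode(body)).hexdigest().upper()

def parse_idp_metadata(xml_text):
    """Extract the values behind the Entity ID, SSO URL and Certificate fields."""
    root = ET.fromstring(xml_text)
    idp = root.find("md:IDPSSODescriptor", NS)
    sso = idp.find(f"md:SingleSignOnService[@Binding='{REDIRECT}']", NS)
    cert = idp.find("md:KeyDescriptor[@use='signing']"
                    "/ds:KeyInfo/ds:X509Data/ds:X509Certificate", NS)
    return {"entity_id": root.get("entityID"),
            "sso_url": sso.get("Location"),
            "cert_thumbprint": thumbprint(cert.text)}

def mismatches(metadata_xml, entered):
    """Return the names of console fields that differ from the IdP metadata."""
    expected = parse_idp_metadata(metadata_xml)
    actual = {"entity_id": entered["entity_id"].strip(),
              "sso_url": entered["sso_url"].strip(),
              "cert_thumbprint": thumbprint(entered["certificate"])}
    return [name for name in expected if expected[name] != actual[name]]
```

An empty list from `mismatches` means the values you are about to save agree with the metadata; any name it returns is a field to re-copy before pressing Confirm.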

Assign application to users

To allow individual users to access the application:

  1. In the Azure portal, select Users and groups from the Manage section in the left-hand menu.

  2. Select Add user/group.

  3. Select users and assign them to the application.

Verify the SSO configuration

To verify the SSO configuration:

  1. Navigate to the DoiT Console sign-in page.

  2. Sign in with your email. You'll be redirected to the Azure website.

  3. Authenticate with your credentials as an end user.

  4. If successful, you'll land on the DoiT Console Dashboards page.
