Skip to main content
Sign in

Creating a SSO integration for Azure users

Caroline Maguire
  • June 24, 2022 09:19
  • Updated

To setup Azure Active Directory SSO in Oomnitza, complete the following steps:

  1. Navigate to Enterprise Applications in your Azure Portal mceclip1.png
  2. In the Manage section on the left menu, select All Applications.
  3. Click New application on the top menu.
  4. Click Create your own application.
  5. Enter a name for your application, for example, Oomnitza SSO. figure2.png
  6. After creating the app, in the People application integration page, find the Manage section and select Single sign-on. For further information refer to Configure Azure AD SSO.
  7. Select SAML to open the SSO configuration page. mceclip4.png
  8. Click Edit in the Basic SAML Configuration section. mceclip5.png
  9. Enter the following information, and then click Save:
    Identifier (Entity ID): http://adapplicationregistry.onmicrosoft.com/oomnitza_sso
    Reply URL (Assertion Consumer Service URL): https://{{YourOomnitzaDomain}}.oomnitza.com/saml/consume
    Sign on URL: https://{{YourOomnitzaDomain}}.oomnitza.com/saml/validateLogin

    mceclip1.png

    Important
    When you update the Identifier (Entity ID), an additional step is required. The Identifier (Entity ID) for your instance must be updated by Oomnitza. When you make this change, you must notify your contact at Oomnitza.

  10. The application requires the NameIdentifier or NameID claim to come from the userprincipalname in an email format. If the userprincipalname is already in an email format, no additional changes need to be made and you can proceed to the next step. Otherwise, you need to edit the User Attributes & Claims section. The example below shows a Name ID that uses email prefix. For further information, refer to Customize claims issued in the SAML token for enterprise applications.
    mceclip1.png mceclip2.png

  11. In the SSO configuration page, download the Certificate (Base64) and copy the Login URL. You will need these later when you login to Oomnitza.mceclip15.png

  12. Log into Oomnitza and select Configuration > Integrations.
  13. Click Integrations List View IntegrationsListView.svg
  14. On the Integrations page, scroll down to the SSO Integrations and click the Azure Active Directory tile.mceclip16.png
  15. On the CONNECT page, enter the SSO URL and upload the certificate saved from step 14. Click FINISH at the bottom right to save.mceclip17.png
  16. Return to your Azure portal and add users or groups that should have access to Oomnitza. For further information refer to Add or delete users using Azure Active Directory.
  17. Verify that SSO is successful by clicking on the Single Sign-On (SSO) option in your Oomnitza instance. mceclip20.png

Related articles

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk