To get started, you need the following items:
- An Azure AD subscription. If you don't have a subscription, you can get a free account.
- SoSafe subscription including e-Learning module
Configure Azure AD SSO
Follow these steps to enable Azure AD SSO in the Azure portal.
Steps 2 and 3 can only be performed by your contact at SoSafe.
- Get your Tenant ID from Azure AD and share it with your contact at SoSafe
- We file your tenant ID for you in the SoSafe Manager
- We then generate the URLs for the following steps for you
For the following instructions we assume that you created the application and assigned users as explained in the SCIM Tutorial Step 1 and 2.
4. In the Azure portal, on the SoSafe application integration page, find the Manage section and select single sign-on
5. On the Select a single sign-on method page, select SAML.
6. On the Set up single sign-on with SAML page, click the edit/pen icon for Basic SAML Configuration to edit the settings.
7. On the Basic SAML Configuration section, copy over the URLs from our Manager for the following fields:
- In the Identifier (Entity ID) text box, type a URL using the following pattern: https://services.sosafe.de/
- In the Reply URL (Assertion Consumer Service URL) text box, type a URL using the following pattern:
- In the Sign on URL text box, type a URL using the following pattern: https://api.sosafe.de/v1/auth/saml/login/<your-azure-tenant-id>
- In the Logout Url text box, type a URL using the following pattern:
The following steps can be skipped:
9 . Send the "App Federation Metadata URL" (section 3) to your SoSafe contact.
10. Save the configuration and test it with a test user.
8. On the Set up single sign-on with SAML page, in the SAML Signing Certificate section, find Certificate (Base64) and select Download to download the certificate and save it on your computer.
9. On the Set up SoSafe section, copy all three URLs and provide them to your contact at SoSafe so he can paste them into the appropriate fields in our manager for you.
10. Open the certificate file from step 9 with a text editor and send the content to your SoSafe contact so they can enter the contents of the file into the certificate field in our manager.
11. Save the configuration and test it with a test user.