Prerequisites

To get started, you need the following items:

  • An Azure AD subscription. If you don't have a subscription, you can get a free account.
  • SoSafe subscription including eLearning module

Configure Azure AD SSO

Follow these steps to enable Azure AD SSO in the Azure portal.

  1. Get your Tenant ID from Azure AD
  2. Go to the SoSafe Manager, Extended Data and SAML tab
  3. Fill in the Azure Tenant ID
  4. We then generate the URLs for the following steps for you

 

For the following instructions we assume that you created the application and assigned users as explained in the SCIM Tutorial Step 1 and 2.

 

5. In the Azure portal, on the SoSafe application integration page, find the Manage section and select single sign-on

6. On the Select a single sign-on method page, select SAML.

7. On the Set up single sign-on with SAML page, click the edit/pen icon for Basic SAML Configuration to edit the settings.

 

8. On the Basic SAML Configuration section, copy over the URLs from our Manager for the following fields:

  1. In the Identifier (Entity ID) text box, type a URL using the following pattern: https://services.sosafe.de
  2. In the Reply URL (Assertion Consumer Service URL) text box, type a URL using the following pattern:
     https://api.sosafe.de/v1/auth/saml/consume/
  3. In the Sign on URL text box, type a URL using the following pattern: https://api.sosafe.de/v1/auth/saml/login/<your-azure-tenant-id>
  4. In the Logout Url text box, type a URL using the following pattern:
    https://api.sosafe.de/v1/auth/saml/logout/<your-azure-tenant-id>

 

9. On the Set up single sign-on with SAML page, in the SAML Signing Certificate section, find Certificate (Base64) and select Download to download the certificate and save it on your computer.

 

10. On the Set up SoSafe section, copy all three URLs and paste them in the corresponding fields in our manager.

11. Open the certificate file from step 9. With a text editor and paste the content of the file in the certificate field in our manager

12. Save the configuration and test it with a test user.