Configuration of Azure Active Directory
Azure Active Directory can be used as identity provider. The following chapters describe how to configure Azure Active Directory for the Fabasoft Cloud.
Configure Your Azure Active Directory
To create an enterprise app, proceed as follows:
- Open https://portal.azure.com/: new window and log in to an account with global administrator access.
- On the left panel, click “Azure Active Directory”.
- Click “Enterprise Applications”.
- Click “New Application”.
- Select “Non-gallery application” under the “Add your own app” section.
- Type your desired application name then click “Add”.
Note: To be able to add your own app an Azure AD Premium license is required.
To configure single sign-on for the enterprise app, proceed as follows:
- On the application overview page, click “Set up single sign-on”.
- Select “SAML” from the single sign-on method list.
- Upload the Fabasoft Cloud metadata file https://<server>/idp/saml/metadata (e.g. https://idp.cloud.fabasoft.com/idp/saml/metadata) and click “Save”.
- In the “SAML Signing Certificate” section, download the “Federation Metadata XML”.
- In the “Set up <name>” section, note down the “Azure AD Identifier”.
The XML file must be uploaded to your cloud organization (“Advanced Settings” > “Login Options” > “Active Directory / SAML 2.0” action).
To configure users who should be able to log in, proceed as follows:
- On the application overview page, click “Assign users and groups”.
- Define the users who should be able to log in.