Setting up SSO via an Azure AD Enterprise Application
The following steps only apply if you are using the iGrafx Platform Datacenter Edition for on-premises installations. If you are a subscriber of our cloud solution, follow the SAML Setup Steps for Cloud Customers instead.
- Navigate to "Enterprise Application" under https://portal.azure.com
- Click New application
- Click Create your own application and enter a name
- Click Create
- Click Get started
- Click SAML
- Click Edit
- Click Add Identifier and enter your platform URL with /saml/medata at the end
- Add the Reply URL, following the schema: platform URL with /saml/SSO at the end
- Lastly, add the Sign on URL
- Click Save
- Copy the App Federation Metadata Url
- In your System properties set
igrafx.usercentral.saml.metadataurl=YOUR_METADATA_URL
or enter the URL in your browser to download the SAML metadata XML and upload it in your iGrafx platform (Administration → User management → SAML → Upload metadata file)
Also set the system property for your entity ID, which you can see at the top of the same page:
igrafx.usercentral.saml.entityId=YOUR_ENTITY_ID
and ensure the system property to turn on SAML is correct:
spring.profiles.active=samlsecurity
- Ensure your samlKeystore.jks is set up and the keystore access information is present in the igrafx.properties file as described under Set up a SAML2 keystore under SAML Authentication (ADFS, Okta, Centrify, Azure AD)
- Restart your platform
- Ensure your NameID (configurable in the Attributes & Claims section) is configured to match the login name of your users in the platform
- If any issues arise, follow the instructions to enable debugging described under SAML Authentication (ADFS, Okta, Centrify, Azure AD)
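
A pre-restart sanity check for the settings above, as an added example that is not iGrafx code: it checks the three system properties named in the steps and confirms that the downloaded metadata XML contains an IdP descriptor with a signing certificate and a sign-on endpoint. It assumes the properties are plain key=value text; the function names and all sample values are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"
DS = "{http://www.w3.org/2000/09/xmldsig#}"
# Constructed sample inputs (not real tenant data).
SAMPLE_PROPS = """igrafx.usercentral.saml.metadataurl=http://idp.example.test/metadata.xml
igrafx.usercentral.saml.entityId=YOUR_ENTITY_ID
spring.profiles.active=samlsecurity"""
SAMPLE_METADATA = """<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://idp.example.test/"><IDPSSODescriptor>
  <KeyDescriptor use="signing"><KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
    <X509Data><X509Certificate>CONSTRUCTED-PLACEHOLDER</X509Certificate></X509Data>
  </KeyInfo></KeyDescriptor>
  <SingleSignOnService Location="https://idp.example.test/saml2"/>
</IDPSSODescriptor></EntityDescriptor>"""

def parse_properties(text):
    """Parse key=value lines, skipping blanks and # comments."""
    pairs = (l.split("=", 1) for l in text.splitlines()
             if "=" in l and not l.lstrip().startswith("#"))
    return {k.strip(): v.strip() for k, v in pairs}

def check_properties(props):
    problems = []
    # The URL is optional (metadata may be uploaded instead). If set, require TLS:
    # the metadata carries the IdP signing certificate the platform will trust.
    url = props.get("igrafx.usercentral.saml.metadataurl", "")
    if url and urlparse(url).scheme != "https":
        problems.append("metadata URL is not https")
    if props.get("igrafx.usercentral.saml.entityId", "") in ("", "YOUR_ENTITY_ID"):
        problems.append("entityId missing or still the placeholder")
    profiles = props.get("spring.profiles.active", "").split(",")
    if "samlsecurity" not in [p.strip() for p in profiles]:
        problems.append("samlsecurity profile not active")
    return problems

def check_metadata(xml_text):
    idp = ET.fromstring(xml_text).find(MD + "IDPSSODescriptor")
    if idp is None:
        return ["no IDPSSODescriptor in metadata"]
    # A KeyDescriptor without a "use" attribute applies to signing as well.
    keys = [k for k in idp.findall(MD + "KeyDescriptor") if k.get("use", "signing") == "signing"]
    problems = []
    if not any((c.text or "").strip() for k in keys for c in k.iter(DS + "X509Certificate")):
        problems.append("no signing certificate")
    if idp.find(MD + "SingleSignOnService") is None:
        problems.append("no SingleSignOnService endpoint")
    return problems
```

Both check functions return a list of problem strings; an empty list means the checked items look consistent with the steps above.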