
Setting up SSO via an Azure AD Enterprise Application

info

The following steps only apply if you are using the iGrafx Platform Datacenter Edition for on-premises installations. If you are a subscriber of our cloud solution, follow the instead.

  1. Navigate to "Enterprise Application" under https://portal.azure.com

  2. Click New application 

  3. Click Create your own application and enter a name

  4. Click Create

  5. Click Get started

  6. Click SAML

  7. Click Edit

  8. Click Add Identifier and enter your platform URL with /saml/medata at the end. Add the Reply URL following the schema platform URL with /saml/SSO. Lastly, add the Sign on URL.

  9. Click Save

  10. Copy the App Federation Metadata Url

  11. In your system properties, set igrafx.usercentral.saml.metadataurl=YOUR_METADATA_URL, or enter the URL in your browser to download the SAML metadata XML and upload it in your iGrafx platform (Administration → User management → SAML → Upload metadata file). Also set the system property for your entity ID, which you can see at the top of the same page: igrafx.usercentral.saml.entityId=YOUR_ENTITY_ID. Finally, ensure the system property that turns on SAML is correct: spring.profiles.active=samlsecurity

  12. Ensure your samlKeystore.jks is set up and the keystore access information is present in the igrafx.properties file as described under Set up a SAML2 keystore under SAML Authentication (ADFS, Okta, Centrify, Azure AD)

  13. Restart your platform

  14. Ensure your NameID (configurable in the Attributes & Claims section) is configured to match the login name of your users in the platform

  15. If any issues arise, follow the instructions to enable debugging described under SAML Authentication (ADFS, Okta, Centrify, Azure AD)
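
A pre-restart sanity check for steps 10 and 11, as an added example that is not part of the iGrafx documentation: it reads the three system properties named in step 11 and a downloaded copy of the federation metadata, and reports obvious mistakes such as a placeholder left in place or an identity provider endpoint served over plain http. The https requirement, the DOCTYPE rejection, the function names and all sample values are assumptions of this example.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse
MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"
DS = "{http://www.w3.org/2000/09/xmldsig#}"

def parse_properties(text):
    """Parse simple key=value lines, skipping blanks and # / ! comments."""
    pairs = (l.split("=", 1) for l in map(str.strip, text.splitlines())
             if l and l[0] not in "#!" and "=" in l)
    return {k.strip(): v.strip() for k, v in pairs}

def check_properties(props):
    """Return problems with the three SAML system properties from step 11."""
    problems = []
    url = props.get("igrafx.usercentral.saml.metadataurl", "")  # optional if the file is uploaded
    if url and (url == "YOUR_METADATA_URL" or urlparse(url).scheme != "https"):
        problems.append("metadataurl is a placeholder or not https")
    if props.get("igrafx.usercentral.saml.entityId", "") in ("", "YOUR_ENTITY_ID"):
        problems.append("entityId is missing or still a placeholder")
    if "samlsecurity" not in map(str.strip, props.get("spring.profiles.active", "").split(",")):
        problems.append("spring.profiles.active does not enable samlsecurity")
    return problems

def check_metadata(xml_text):
    """Return problems with a downloaded federation metadata document."""
    if "<!DOCTYPE" in xml_text.upper():  # no DTDs: avoids entity-expansion tricks
        return ["metadata contains a DOCTYPE; refusing to parse"]
    idp = ET.fromstring(xml_text).find(MD + "IDPSSODescriptor")
    if idp is None:
        return ["no IDPSSODescriptor directly under the root element"]
    problems = []
    if not any((c.text or "").strip() for c in idp.iter(DS + "X509Certificate")):
        problems.append("no X.509 certificate in IDPSSODescriptor")
    sso = [s.get("Location", "") for s in idp.findall(MD + "SingleSignOnService")]
    if not sso or any(urlparse(loc).scheme != "https" for loc in sso):
        problems.append("SingleSignOnService missing or not https")
    return problems

# Constructed sample input: placeholder hosts and a dummy certificate value.
SAMPLE_PROPS = """spring.profiles.active=samlsecurity
igrafx.usercentral.saml.metadataurl=https://idp.example.test/federationmetadata.xml
igrafx.usercentral.saml.entityId=YOUR_ENTITY_ID"""
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="{MD[1:-1]}" entityID="https://idp.example.test/">
<IDPSSODescriptor><KeyDescriptor use="signing"><KeyInfo xmlns="{DS[1:-1]}"><X509Data>
<X509Certificate>Q09OU1RSVUNURUQ=</X509Certificate></X509Data></KeyInfo></KeyDescriptor>
<SingleSignOnService Location="https://idp.example.test/saml2"/>
</IDPSSODescriptor></EntityDescriptor>"""
if __name__ == "__main__":
    print(check_properties(parse_properties(SAMPLE_PROPS)), check_metadata(SAMPLE_METADATA))
```

An empty list from both functions means none of these checks failed; it does not confirm that the Reply URL or NameID mapping in Azure AD is correct.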