Link

How to set up Azure AD as your SAML Identity Provider

Here’s a walk-through of setting up Azure AD as your SAML Identity Provider. This allows your team to log into Zenduty without a new email / password combination.

  1. Log in to Zenduty as an account owner. In another tab, Log into Azure as an administrator.

  2. In the Zenduty tab, click on your name in the top right corner, which will reveal a dropdown with your account’s domain name. Copy your account domain name for later use.

  3. Go to your Azure portal browser tab. Navigate to “Azure Active Directory” from the left vertical panel. Navigate to “Enterprise Applications” from the left vertical panel. Click on “New application”.

  4. Click on “Create your own application”. Name your application as “Zenduty AD” or anything other name that you prefer. Select “Integratw with any other application you don’t find in the gallery” from the radio options.

  5. In the “Getting Started” area, click on “Setup single sign on”.

  6. Click on “SAML”

  7. Click on “Edit” in the “Basic SAML Configuration” area.

  8. In the “Identifier(Entity Id)”” input box, enter the value - https://www.zenduty.com

  9. In the “Reply URL (Assertion Consumer Service URL)”” input box enter the value - https://www.zenduty.com/api/account/saml/acs/

  10. In the “Relay State” input box, enter your Zenduty account domain name that you copied in step 2. Click on “Save”

  11. Click on “Edit” next to “User Attributes & Claims”. You need to create three new claims.

  12. For the first claim, Click on “Add new claim”(Note: in case the “Add new claim” button is greyed out, try refreshing your page). In the “Name” field, enter the value “email”. In the “Source” radio options, select “Attribute”. In the “Source Attribute” dropdown, search for “user.mail”

  13. For the second claim, Click on “Add new claim”. In the “Name” field, enter the value “first_name”. In the “Source” radio options, select “Attribute”. In the “Source Attribute” dropdown, search for “user.givenname”

  14. For the third claim, Click on “Add new claim”. In the “Name” field, enter the value “last_name”. In the “Source” radio options, select “Attribute”. In the “Source Attribute” dropdown, search for “user.surname”

  15. Navigate back to the “Single Sign-on” page. In the “SAML Signing Certificate” area, click on the “Download” link next to the “Certificate (Base64)” text. Open the downloaded file.

  16. Go to the Zenduty tab. Navigate to the “Account” page from your top right dropdown. Navigate to the “Single Sign-on” page from the left vertical panel. From the “Select SSO Provider” dropdown, select Azure Active Directory.

  17. For the “SAML endpoint” input box, go back to your Azure tab, and under “Set up Zenduty AD” copy the “Login URL” value and paste it ini the “SAML endpoint” input box in the Zenduty tab

  18. For the “SAML Entity ID” input box, go back to your Azure tab, and under “Set up Zenduty AD” copy the “Azure AD Identifier” value and paste it ini the “AML Entity ID” input box in the Zenduty tab

  19. For the “Certificate” input box, open the Base64 certificate downloaded in Step 15 in a text file, copy the certificate text and paste in the “Certificate” inpuut box.

  20. Click on “Save Details”

  21. Navigate back to your Azure Single Sign on tab. Click on “Users and groups” on the left vertical navigation panel. Click on “Add user/group”. Add the users you want to provide access to Zenduty.

  22. To test the setup, logout from Zenduty. Go back to the “Single Sign-on” page from the left vertical navigation panel in your Azure AD tab. Click on “Test this application” on the top. Click on “Sign in as current user”. Authenticate your Azure account. You should be redirected to your Zenduty page.

  23. For the final test, logout of Zenduty. In your browser, navigate to the Zenduty Login Page. Click on “Log in with your Identity Provider”. In the domain input box, enter your account domain name(copied from Step 2). Click on continue. You will be redirected to your Azure AD login. Authenticate your Azure account. You will be redirected to your Zenduty dashboard.

Your Azure AD integration is complete!


Copyright Zenduty 2020. Product of YellowAnt