Azure Active Directory
Azure Active Directory is a Microsoft Azure service that provides identity and access management. Cloud CMS supports single sign-on with Azure AD using SAML 2.0.
Before configuring Cloud CMS Single Sign-On, you’ll need to set up a few things in Microsoft Azure Active Directory:
- If you do not already have one, create an Azure account using the Azure portal. Log into the portal and go to Azure Active Directory.
- Go to the App Registrations tab in your directory to create a new application. Click the New application registration button on the top panel.
- Enter the Name for the application and the Sign on URL. Click Create.
- Once the application is created, choose it from the list of All apps. Go to the Settings tab and enter the reply URL as "http://localhost/saml/consume".
- To find the Client SAML Endpoint URL, go to the App Registrations panel and click the Endpoints button on the top panel.
- On the Endpoints screen, copy the URL in the SAML-P SIGN-ON ENDPOINT field.
Now, to configure Cloud CMS:
- Go to Platform Settings > SSO.
- Select SAML 2.0 from the list.
- In the SAML SSO URL field, paste the URL copied above.
- In the SAML Issuer field, enter the Application ID of the application created.
All the other fields can be filled as explained in section 1.
Below is a screenshot of how the settings page would look:
Save the settings.
You can now verify that Cloud CMS is configured to use SAML 2.0:
- Log out of your current Cloud CMS account.
- Log back in.
- While logging in again, you will be redirected to the Microsoft Azure portal.
- Enter the username and password of your account.
- If the credentials match, you will be redirected back to Cloud CMS.
- Cloud CMS will automatically log you in and create your user if it doesn't yet exist.
- Proceed and may the force be with you.
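If the redirect to Azure fails, it helps to see where the three configured values (SAML SSO URL, SAML Issuer, reply URL) travel in the login request. The following is an added example, not Cloud CMS or Microsoft code: a generic SAML 2.0 HTTP-Redirect binding request builder and decoder. The tenant ID and Application ID are constructed placeholders, and that Cloud CMS uses this binding and sends `AssertionConsumerServiceURL` is an assumption.

```python
import base64, uuid, zlib
import xml.etree.ElementTree as ET
from datetime import datetime, timezone
from urllib.parse import parse_qs, urlencode, urlparse
from xml.sax.saxutils import escape, quoteattr

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed sample values; only the reply URL comes from this page.
SSO_URL = "https://login.microsoftonline.com/00000000-0000-0000-0000-000000000000/saml2"
APP_ID = "11111111-1111-1111-1111-111111111111"
REPLY_URL = "http://localhost/saml/consume"

def build_redirect_url(sso_url, issuer, acs_url):
    """Return the login URL a service provider would redirect the browser to."""
    now = datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")
    xml = (f'<samlp:AuthnRequest xmlns:samlp="{NS["samlp"]}" xmlns:saml="{NS["saml"]}"'
           f' ID="_{uuid.uuid4().hex}" Version="2.0" IssueInstant="{now}"'
           f' Destination={quoteattr(sso_url)}'
           f' AssertionConsumerServiceURL={quoteattr(acs_url)}>'
           f'<saml:Issuer>{escape(issuer)}</saml:Issuer></samlp:AuthnRequest>')
    # HTTP-Redirect binding: raw DEFLATE (no zlib header), base64, URL-encode.
    comp = zlib.compressobj(wbits=-15)
    deflated = comp.compress(xml.encode()) + comp.flush()
    query = urlencode({"SAMLRequest": base64.b64encode(deflated).decode()})
    return f"{sso_url}?{query}"

def inspect_redirect_url(url):
    """Decode a captured login redirect into the fields the IdP compares."""
    b64 = parse_qs(urlparse(url).query)["SAMLRequest"][0]
    root = ET.fromstring(zlib.decompress(base64.b64decode(b64), -15))
    return {"issuer": root.findtext("saml:Issuer", namespaces=NS),
            "destination": root.get("Destination"),
            "acs_url": root.get("AssertionConsumerServiceURL")}

def mismatches(found, expected):
    """Names of fields that differ from what was registered in Azure AD."""
    return sorted(k for k, v in expected.items() if found.get(k) != v)

if __name__ == "__main__":
    expected = {"issuer": APP_ID, "destination": SSO_URL, "acs_url": REPLY_URL}
    found = inspect_redirect_url(build_redirect_url(SSO_URL, APP_ID, REPLY_URL))
    print(found, "mismatches:", mismatches(found, expected))
```

To troubleshoot a real login, pass the redirect URL copied from the browser's network tab to `inspect_redirect_url` and compare the result with the Application ID, endpoint and reply URL registered in Azure AD.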