Configuring SAML Authentication with Azure

1. Navigate to https://portal.azure.com, create a trial/paid account, and register a domain.
2. Log in to your Azure account using admin credentials.
3. To add an SMA application to your Azure account:

   1. On the Azure Home page, click Enterprise applications from Azure services.

      

   2. Click +New Application to add your own application.

      

   3. Browse Microsoft Entra Gallery page displays, click +Create your own application and enter your app name in the Whats the name of your app? field.
   4. Select Integrate any other application you don’t find in the gallery (Non-gallery) from what are you looking to so with your application?.

   5. Click Create to create the SMA application.

      

4. Assign users and groups to the newly added SMA application:

   1. Click Assign users and groups under Getting Started section or click Users and groups in left navigation pane.

      .

   2. Click + Add user/group and then click None Selected to display the Users and groups page.
   3. Type the user name in the search field and click Select to select your user and group.

      

   4. Click Assign.

5. To set up Single sign on:

   1. Click Get started on the Set up single sign onunder Getting Started section or navigate to Manage > Single sign-on in the left navigation pane.

      

   2. Select SAML under the Select a single sign-on method section.

      

   3. Click Edit on Basic SAML Configuration and configure basic SAML configuration:

      Identifier (Entity ID): https://my.domain.com.

      Reply URL: https://my.domain.com/__api__/v1/logon/saml2ssoconsumer.

      SSO URL (optional): https://my.domain.com/__api__/v1/logon/saml2ssoconsumer.

   4. Click Save.

      

6. To download the Certificate:
   1. Click Edit on Token signing Certificate from SAML Certificates section.

   2. Click the icon to the right of the Active certificate and select your preferable certificate to download.

      

   (or) Click Download under SAML Certificates to download your preferable certificate, later you can import to the SMA appliance.

   

7. To configure SAML on SMA appliance:
   1. Navigate to System > Certificates under SAML certificates section, click Import SAML certificate.
   2. Navigate to Portals > Domains, Click Add Domains. Create a SAML domain. For information on Adding a SAML domain, refer to the section Adding a Domain with SAML 2.0 Authentication.
   3. Enter a valid domain name.
   4. Appliance ID is https://my.domain.com Identifier (Entity ID) value present in Azure under Basic SAML Configuration section.
   5. Server ID is Microsoft Entra Identifier value present in Azure under Set up < appliance name> section.
   6. Authentication service URL is Login URL value present in Azure under Set up <appliance name> section.

   7. Logout service URL is Logout URL value present in Azure under Set up <appliance name> section.

      

      You can now proceed with authentication from Virtual Office portal and NetExtender. When you select Azure domain in the login page, you are redirected to the Azure login, and after providing correct credentials, the authentication is successful.