OIDC
We recommend using OIDC for Azure AD integration.
Go to Settings > General > Identity Provider.
Click Activate Provider.
Click on Microsoft OpenID Connect.
Write your Microsoft Azure AD Tenant ID or a comma-separated list of all Microsoft Azure AD Tenant IDs you wish to use for SSO.
Each tenant ID will become a link once you accept the form.
An Azure administrator must click on each of these links to grant administrator consent to our OpenID Connect Authenticator app.
SAML
Below are the steps required to create an Azure AD SAML application to use with the CloudGen Access Console.
Note: This configuration requires an AZURE AD Premium P1 or P2 Subscription
The steps were retrieved from this tutorial
Configure SAML
1. Sign into the Azure portal as a global admin for your Azure AD tenant, a cloud application admin, or an application admin.
โ
2. Select Azure Active Directory - Enterprise Applications
3. Select New application.
4. Select Non-gallery Application
Insert the desired Name (suggestion: CloudGen Access Console)
Click Add to create the application
5. Select Single sign-on and change the method to SAML
6. In this menu, the values will be used that were obtained from Step 2 in SAML Configuration:
Fill in the following:
- Identifier (Entity ID)
- Reply URL (Assertion Consumer Service URL)
- Sign on URL (SSO URL)
Click Save and close the form.
7. Get the custom application SAML Configuration:
Take note of the Login URL and the Azure AD identifier.
Click Download to get the Certificate (Base64).
8. Select Manage - Properties:
Ensure Enabled for users to sign-in? is enabled
We recommend disabling User assignment required? Otherwise, you must manually add all the desired users/groups allowed to use the application.
9. Use the values obtained to continue the Step 3 configuration in SAML Configuration:
Entity ID -> Azure AD identifier
SSO URL -> Redirect URL
Certificate (base64) -> Certificate (base64)