Enable SSO using Azure
- To set up Single Sign-On you must have a Tenant Admin to enter the appropriate configuration in ‘Integrations’ settings.
- In ‘Integrations’, select the SAML option to begin the setup process.
- Click on ‘Enable SAML’ with below options
- You will require the Service Provider information with Single Sign On URL and Service Provider Entity ID while Integrating Wavity with Azure. Use Single Sign On URL link and Service Provider Entity ID link while setting up Azure.
- Next step is to fill Identity provider information and Assertion Attributes Mapping in Wavity Platform using Azure. (Refer next page)
- Enter the information in the appropriate fields using Azure and click on Save.
Steps to set up Azure
- Go to https://portal.azure.com/#, and click on ‘Azure Active Directory’ in the menu to your left, then on ‘Enterprise Applications’:
- Click on new application. Then click on create your own application.
- Select the toggle which says “Integrate any other application you don’t find in the gallery
- The app is now created. If you get lost, you can always get back to it by selecting its name from the enterprise applications list you’ve already visited above. Click on ‘Set UP single sign-on’.
- Select single sign-on method as SAML
- On the next page, you find a link to a configuration guide which you can consult if you have any azure-specific questions. Or you can go straight to adding the two config parameters you need. Fill in the following tabs Identifier email ID, Reply URL, Sign on URL & Relay state using the links from Wavity Integration setting page as below
- After filling all information, you will prompted to the following page. Click on edit option on Attributes & Claims
- After deleting all the existing claims, Click on Add new claim in Attributes & Claims section
- Type Email in name tab and select source attribute as user.mail and click save. Please copy the source attribute ‘user.mail’ to Wavity SAML Integrations setting page under section Assertion attributes mapping
- Similarly, Type firstname in name tab and select source attribute as user.givenname and click save. Please copy the source attribute ‘user.givenname’ to Wavity SAML Integrations setting page under section Assertion attributes mapping
- Similarly, Type lastname in name tab and select source attribute as user.surname and click save. Please copy the source attribute ‘user.surname’ to Wavity SAML Integrations setting page.
- Setup of Azure is complete. Now, click on download option of Federation Metadata XML. Copy all the details in the downloaded file and paste it on Identity provider Metadata section on Wavity SAML Integrations setting page.
- Click on copy the link beside login URL. Paste it on Identity provider Single-Sign-On section on Wavity SAML Integrations setting page
- As the last step, you will use the Azure to fill the tabs below the Identity Provider Single-Sign-On URL, Identity Provider Metadata & Assertion Attributes Mapping in Wavity. Please ensure the values of Attributes in Azure matches with the values in Wavity SAML Integrations setting page. Enter the information in the appropriate fields as described below using Azure and click on Save. Wavity SAML Integration using Azure is complete.
Please find below details which will be required during Set Up:
Entity Id: urn:mace:saml:wavity.com
Relay State: /wavity
Once it is done with app creation, need to assign users to the newly created and configured application.
User can now use SSO to sign into Wavity.