Set up Azure SSO
Set up Single Sign-On with Azure to provide your team with a single point of access to AppFollow.
In your Azure account:
1. In the search bar, type “enterprise applications” and click on the first option.
2. Click “New application”.
3. Proceed with “Non-gallery application”.
4. Fill out the name and click the "Add" button.
5. Return to the “Enterprise applications” page.
6. Open the created application and in the left-hand menu click “Users and groups” to assign users that will have access to this app.
7. When all users are assigned, open “Single sign-on” and click on “SAML”.
8. Now we need to edit the Basic SAML Configuration as shown below:
Identifier (Entity ID): https://sso.appfollow.io/metadata/
Reply URL (Assertion Consumer Service URL): https://sso.appfollow.io/acs
Relay State: enter the email address associated with your AppFollow account (owner’s email)
Save your changes.
9. Edit “User Attributes & Claims”. Click “Add new claim” and add three new claims.
Important!
Public email address should be used instead of UPN.
- Name = Email; Source attribute = user.mail
- Name = FirstName; Source attribute = user.givenname
- Name = LastName; Source attribute =. user.surname
10. Save and go back.
Once the claims have been added, copy the SAML Signing Certificate to the AppFollow SSO Settings.
Open the link from “App Federation Metadata Url” in a new window and copy the whole X509Certificate block content to the AppFollow SSO settings into the section “Public Certificate”.
Make sure to copy the whole certificate, not a part of it!
In your AppFollow account:
Now you need to copy links from Azure to AppFollow SSO settings.
- Login URL copy to SAML SSO URL.
- Azure AD Identifier copy to Entity ID. Save your SSO settings in AppFollow.
Here you are - now you can use Azure AD SSO.