Symbiant Knowledge Base Setting up SAML SSO with Azure

How to setup SAML SSO with Azure

(Note: This is a Premium Service which is an optional addon and not included as standard in any Symbiant Solution)

Critical Note #

With single sign-on, the login email is case-sensitive.

Ensure the user’s email address match the correct case in the active directory when you add users.

(e.g. James.Bond@symbiant.uk is different to james.bond@symbiant.uk)

When you add a user in Symbiant it creates the SAML login identity using the user’s email address.

If you get the case wrong you will need to remove the account and re-add it.

Accessing Azure Active Directory #

Go to your Azure Admin Account at https://portal.azure.com or https://aad.portal.azure.com

Adding a New Application #

Then, in the left menu, select Enterprise Applications. The All Applications pane will open and displays a list of the applications in your Azure AD tenant.

Select New Application

Click on Create Your Own application

Name the App Symbiant and select ensure you select the “integrate any other application you don’t find….” option,

Click Create to continue,

Selecting Single Sign On #

Select Get Started under “2. Set up single sign on”,

Select the SAML

Edit the Basic Configuration #

Select the Edit Pencil,

Next, delete any default data that is present.

Symbiant Provided Information: #

Symbiant Support shall provide the following critical information:

1. Entity ID
urn:amazon:cognito:sp:eu-west-2_example

2. Reply / ACS URL
https://example-symbiant-app-login.auth.eu-west-2.amazoncognito.com/saml2/idpresponse

3. Sign-On URL:
https://example.symbiant.cloud

Enter the provided data as in the example image above and Save it to finish

Setting the Unique Identifier #

In Attributes & Claims, select the Edit pencil,

Click on the Unique User Identifier

Set the Source Attribute to user.mail

Creating a Custom Attribute (If Required By Support) #

Select Add New Claim under Attributes & Claims,

In the Name add the name support provided,

Ensure the Source is selected to Attribute

And finally, in the Source attribute, enter the value that Symbiant Support provided. Save to finish.

Information Symbiant Support Requires #

We require the link to the App Federation Metadata URL

Copy the URL link and send it to us through a Support Ticket: Submit Support Ticket

Symbiant Support will handle the rest and get SAML set up!

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

System Setup

SAML Single Sign On

Risk Registers (System Setup)

Setting up SAML SSO with Azure

Critical Note #