In order to integrate Azure AD with Qbrick Identity we need to set up an Enterprise Application, configure it for SAML and provide Identity Credentials to Qbrick.
Step 1 - Create an application
- In the Azure Portal, navigate to Enterprise Applications and either configure a new application or edit an existing one.
- If creating a new application, choose "Create your own application" and give it a descriptive name.
Step 2 - Configure
- Under the Enterprise Application > "Users and Groups", assign any users and/or groups you want to have access to sign in via SSO.
With a basic configuration, these users must also exist as Qbrick Video Platform users in order to be identified.
- Under the Enterprise Application > "Single sign-on", set up single sign-on as a basic SAML configuration.
Configure the following properties in the Basic SAML Configuration section:
|Identifier (Entity ID)||Enter any identifier, for example:
|Reply URL (Assertion Consumer Service URL)|
Step 3 - Test it
In the last step of the Single sign-on page, there is an option to test the application and check that it is working.
- Click the "Test" button.
- Click "Test sign in" with a user present within "Users and groups". You should receive a message saying that "Azure AD successfully issued a token..."
Step 4 - Provide configuration
Once the application is configured, provide Qbrick with the following information to finalize the integration with Qbrick Video Platform. All of it is found under Enterprise Application > Single sign-on:
- Basic SAML Configuration > "Identifier (Entity ID)"
- SAML Signing Certificate > "App Federation Metadata Url"
- Set up *app name* > "Login URL"
- Set up *app name* > "Azure AD Identifier"
- Set up *app name* > "Logout URL"
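
Before sending the Step 4 values, it is worth checking that the URLs copied from the portal agree with the federation metadata document itself. The following is an added example, not Qbrick's or Microsoft's code: the function names are hypothetical, and the embedded metadata is a constructed sample with a placeholder tenant ID and placeholder certificate bytes.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"

# Constructed sample: placeholder tenant ID and placeholder bytes, not a real certificate.
TENANT = "00000000-0000-0000-0000-000000000000"
CERT_B64 = base64.b64encode(b"constructed placeholder, not a real certificate").decode()
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="{NS['md']}"
    entityID="https://sts.windows.net/{TENANT}/">
 <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <KeyDescriptor use="signing"><KeyInfo xmlns="{NS['ds']}"><X509Data>
   <X509Certificate>{CERT_B64}</X509Certificate></X509Data></KeyInfo></KeyDescriptor>
  <SingleLogoutService Binding="{REDIRECT}"
      Location="https://login.microsoftonline.com/{TENANT}/saml2"/>
  <SingleSignOnService Binding="{REDIRECT}"
      Location="https://login.microsoftonline.com/{TENANT}/saml2"/>
 </IDPSSODescriptor>
</EntityDescriptor>"""


def parse_idp_metadata(xml_text):
    # SAML metadata never needs a DTD; refuse one rather than let the parser expand entities.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("DTD/entity declarations are not expected in SAML metadata")
    root = ET.fromstring(xml_text)
    idp = root.find("md:IDPSSODescriptor", NS)
    if idp is None:
        raise ValueError("no IDPSSODescriptor in metadata")
    def location(tag):  # Location of the HTTP-Redirect endpoint for this service
        return next((e.get("Location") for e in idp.findall(f"md:{tag}", NS)
                     if e.get("Binding") == REDIRECT), None)
    certs = idp.findall("md:KeyDescriptor[@use='signing']//ds:X509Certificate", NS)
    return {"Azure AD Identifier": root.get("entityID"),
            "Login URL": location("SingleSignOnService"),
            "Logout URL": location("SingleLogoutService"),
            "signing_cert_sha256": [hashlib.sha256(base64.b64decode(
                "".join(c.text.split()))).hexdigest() for c in certs]}


def handoff_mismatches(copied, xml_text):
    # Names of portal-copied values that differ from the metadata or are not HTTPS.
    meta = parse_idp_metadata(xml_text)
    return sorted(k for k, v in copied.items()
                  if k in meta and (v != meta[k] or not v.startswith("https://")))
```

To use it on a real tenant, pass the XML downloaded from the "App Federation Metadata Url" as `xml_text` and the three "Set up *app name*" values as `copied`; an empty list means the values are consistent.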