Overview
An SSO integration is a process of connecting different software applications, systems, or websites to allow users to access multiple platforms with a single set of login credentials. This integration enables users to authenticate once and access different applications without needing to re-enter their login details for each one. SSO integration streamlines the login process, improves user experience, and enhances security by eliminating the need for users to remember multiple sets of login credentials.
Setup
In order to integrate Azure AD with Qbrick Identity we need to set up an Enterprise Application, configure it for SAML and provide Identity Credentials to Qbrick.
Step 1 - Create an application
- In the Azure Portal, navigate to Enterprise Applications and either configure a new application or edit an existing one.
- If creating a new application, choose the "Create you own application" and name it something descriptive.
Step 2 - Configure
- Under the Enterprise Application > "Users and Groups", assign any users and/or groups you want to have access to sign in via SSO.
With a basic configuration these users will also have to be present as a Qbrick Video Platform user to be able to identify. - Under the Enterprise Application > "Single sign-on", set up single sign-on as a basic SAML configuration.
You need to configure the following properties under Basic SAML configuration section:
Property name | Values |
---|---|
Identifier (Entity ID) | Enter any identifier, for example:
|
Reply URL (Assertion Consumer Service URL) |
Step 3 - Provide configuration
Once we configure the application, you need to provide Qbrick with the following information to finalize the integration with Qbrick Video Platform, found under Enterprise Application > Single sign-on:
- Basic SAML Configuration > "Identifier (Entity ID)"
- SAML Signing Certificate > "App Federation Metadata URL"
- Set up *app name* > "Login URL"
- Set up *app name* > "Azure AD Identifier"
- Set up *app name* > "Logout URL"
Step 4 - Confirmation
Once we have set up the corresponding configuration on our side the integration is ready to be used.