- 2 Minutes to read
Single Sign On Using Azure AD
- 2 Minutes to read
Rivery supports connecting into your account using Single Sign On (SSO) method, using your Azure Active Directory configuration.
- For specific plans only.
- In order to start this process, please reach out to your CSM.
- An Azure Active Directory account.
- Rivery Account with the sufficient permissions.
- Entity and ACS endpoints provided by Rivery Support.
Configuring needed in Azure
Log into your Azure Account and go to Active Directory in the top search panel.
In the main menu in the left, click on Enterprise Applications.
Click on New Application.
In the Applicaions panel, click on **Create your own application
**. Name it in the right panel (i.e Rivery) and check it with Integrate any other application you don't find in the gallery
In the left menu, go to Single sign-on and then click on SAML
Send to Rivery Support the metadata url under the SAML Signing Certificate section. You'll get back the Metadata endpoints, and the ACS endpoint to configure.
7.Click on Edit in order to set up the (Assertion Customer Service) ACL ,the Identify urls and the Relay state URL.
- Under Basic SAML Configuration set the 2 endpoints provided you by Rivery support and the Relay State URL.
Make sure to remove any default preset URLs.
If no endpoints provided, please ask them by opening a support ticket here, and click on save.
Identifier (Entity ID) -> https://<rivery-auth-url>/MYACCOUNT-IDPID/metadata Reply URL (Assertion Consumer Service URL) - > https://<rivery-auth-url>/MYACCOUNT-IDPID/?acs
Copy Rivery URL of the region of your console and and paste it on the Relay State
Relay State -> https://console.rivery.io # For US console Relay State -> https://eu-west-1.console.rivery.io # for EU West 1 console
- Ensure that you select the "Default" checkbox shown in the images above.
- Confirm that there are no spaces in the URLs you've entered.
- Under the User Attributes and Claims add the next parameters. Keep of case sensativity and set them as they are below:
NameID: user.mail email: user.mail firstname: user.givenname lastname: user.surname name: user.userprincipalname Unique User Identifier: user.userprincipalname
When you click on the edit button, the additional claims screen should look like below:
Adding users to the application
Ignore the steps under Adding users if your application is not set with 'User assignment required'.
- In the left side panel under manage, click on users and groups
- In the main screen click on Add user/group
- Search for the users/groups you want to have access to the application.
- Click on Select
- Clcik on Assign
- Go to https://myapplications.microsoft.com/.
- Log into the Azure account you granted the application for.
- Click on Rivery app.