AC Cloud Azure IDP Server Configuration

Objective:

The document provides a detailed step-by-step guide on configuring SAML-based Single Sign-On (SSO) integration for Adeptia Connect (AC) with Microsoft Azure Identity Provider (IdP). It includes instructions for enabling SAML SSO within Adeptia, generating Adeptia metadata, and configuring the Azure portal for SSO setup.

What to Configure?

Adeptia SAML Configuration:

  • Update deployment properties in the value.yaml file to enable SAML SSO and set the metadata generator's base URL.

  • Generate Adeptia metadata by accessing a specific URL, which produces an XML file containing essential information like EntityID, login, and logout URLs.

  • Store the Azure metadata XML file in a designated shared folder and configure its location in the deployment file.

  • Create users and roles aligned with Azure AD for logging into Adeptia applications.

Azure SAML Configuration:

  • Use the Azure portal to create a custom enterprise application, configure SAML settings, and integrate metadata from Adeptia.

  • Enter EntityID, login, and logout URLs derived from Adeptia metadata.

  • Add required users and roles in the Azure Enterprise application.

  • Share the federation metadata XML file from Azure with the Adeptia infrastructure team for the final setup.

  • Complete the configuration by enabling SAML SSO in AC4 and testing login.

 


How To Configure?

Adeptia SAML Configuration

  1. Go to the portal deployment value.yaml.

  2. Search for the property SAML_SSO_ENABLE and change its value from ‘false’ to ‘true’ to enable SAML SSO in AC4.

  3. Then search for the SAML_SSO_METADATA_GENERATOR_ENTITY_BASE_URL property and change the default value (https://ac-webapp-gateway) to the application URL, such as https://<application domain name>.

  4. To generate the Adeptia metadata:

    1. Log in to the application as the admin user using the following URL: https://<<application domain name>>/?user=admin

    2. Then open a new tab and open the URL below to generate the Adeptia metadata XML:

<protocol_name>://<ip_address>:<port_number>/saml2/service-provider-metadata/<registration_Id>

where,

<protocol_name> is the name of the protocol, for example, HTTP or HTTPS.

<ip_address> is the IP address of the server hosting Adeptia Connect Cloud.

<port_number> is the port number of the computer hosting Adeptia Connect.

<registration_Id> is the name provided by the user to the IdP. This is the same value you define in the portal value.yaml file for the environment variable SAML_SSO_IDPS_CONFIGURATION_0_REGISTRATION_ID. The default value for this variable is default.

 

For example, http://192.168.1.10:8080/saml2/service-provider-metadata/default.

    3. Once you open the URL, an Adeptia metadata XML file will download. This metadata contains the EntityID, Login, and Logout URLs.

  5. Then create a SAML folder under the shared folder and copy the Azure metadata XML generated by the client into the SAML folder.

  6. Then search for the SAML_SSO_IDPS_CONFIGURATION_0_METADATA_LOCATION property in the portal deployment and configure the client IdP metadata XML location in the format below.

 file:///shared/SAML/<<client metadata file>>

  7. Create the users and custom roles that Azure AD has for logging in to the Adeptia application by using the admin bypass URL https://<<application domain name>>/?user=admin

NOTE: Points 5 and 6 will be completed after generating the Azure AD metadata XML.
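
As a check on step 4 before the values are typed into Azure, the following added example (not Adeptia's code) parses the downloaded service-provider metadata, extracts the EntityID, reply (login) and logout URLs, and flags any that still point at the default ac-webapp-gateway host, are not HTTPS, or do not match the application URL. The sample metadata, the connect.example.com host and the endpoint paths inside it are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse
MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"
DEFAULT_HOST = "ac-webapp-gateway"  # host of the default base URL named in step 3

# Constructed sample: the host and the endpoint paths are assumptions, not Adeptia output.
SAMPLE_METADATA = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://connect.example.com/saml2/service-provider-metadata/default">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://connect.example.com/logout/saml2/slo"/>
    <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://connect.example.com/login/saml2/sso/default" index="1"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""

def read_sp_metadata(xml_text):
    """Return the three values the Azure SAML form asks for."""
    root = ET.fromstring(xml_text)
    sp = root.find(MD + "SPSSODescriptor")
    if root.tag != MD + "EntityDescriptor" or sp is None:
        raise ValueError("not SAML service-provider metadata")
    acs = sp.find(MD + "AssertionConsumerService")
    slo = sp.find(MD + "SingleLogoutService")
    return {
        "entity_id": root.get("entityID"),
        "reply_url": acs.get("Location") if acs is not None else None,
        "logout_url": slo.get("Location") if slo is not None else None,
    }

def check_values(values, app_base_url):
    """List problems to fix before the values are entered in Azure."""
    expected = urlparse(app_base_url).netloc
    problems = []
    for name, url in values.items():
        parsed = urlparse(url or "")
        if not url:
            problems.append(f"{name}: missing from metadata")
        elif parsed.hostname == DEFAULT_HOST:
            problems.append(f"{name}: still uses the default base URL")
        elif parsed.scheme != "https":  # assertions are POSTed to the reply URL
            problems.append(f"{name}: not HTTPS")
        elif parsed.netloc != expected:
            problems.append(f"{name}: host does not match {app_base_url}")
    return problems

if __name__ == "__main__":
    vals = read_sp_metadata(SAMPLE_METADATA)
    print(vals, check_values(vals, "https://connect.example.com"))
```

To use it on a real deployment, pass the contents of the file downloaded in step 4 to read_sp_metadata and the application URL from step 3 to check_values.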

Azure SAML Configuration

 

  1. Log in to Azure at https://portal.azure.com

  2. Navigate to Microsoft Entra ID from the search bar.

  3. Click on Enterprise Applications.

  4. Click on the + icon to add a new application.

  5. Click on the + icon to create your own application.

  6. Enter the required details and click on Save.

  7. Once you have created the application, go to the single sign-on option and select the SAML option.

  8. Enter the SAML details from the Adeptia application metadata file that you generated: fill in the Entity ID URL, the Reply URL (which is the login URL), and the Logout URL.

  9. Once the setup is completed, navigate to Home and then go to the User tab to add the user with the required roles to the application.

  10. Now go to the Enterprise application users section and add the users who need access.

  11. After the configuration, download the federation metadata XML and share it with the Adeptia Infra team so that they can configure the same metadata XML at their end. See points 5 and 6 of the Adeptia SAML Configuration.

  12. After adding the users, enable SSO in AC4 and try to log in with a SAML account.

 
