Differences
This shows you the differences between two versions of the page.
organisationcloud/saml [2020_06_22 17:20] – add duo eric | organisationcloud/saml [2020_11_24 20:57] – smeadmin | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== SAML 2.0 and the SME Enterprise File Fabric ====== | ====== SAML 2.0 and the SME Enterprise File Fabric ====== | ||
- | last updated | + | last updated |
The Enterprise File Fabric supports users logging-in via the SAML 2.0 protocol. The SAML 2.0 protocol is increasing in popularity, and there are a number of different flavours and variations provided by different identity providers (IDPs), like Active Directory Federation Services (ADFS) and Google Suite (GSuite). | The Enterprise File Fabric supports users logging-in via the SAML 2.0 protocol. The SAML 2.0 protocol is increasing in popularity, and there are a number of different flavours and variations provided by different identity providers (IDPs), like Active Directory Federation Services (ADFS) and Google Suite (GSuite). | ||
Line 175: | Line 175: | ||
As an administrative user, log into the Azure portal: https:// | As an administrative user, log into the Azure portal: https:// | ||
- | Search and enter the page for " | + | Search and enter the page for " |
- | {{ :: | + | |
- | {{ ::non_gallery_app.png?200 |}} | + | {{::azure-createapp.png?800|}} |
- | On the next screen we will name the application | + | Input a name for the application, for example **Enterprise File Fabric**. |
+ | |||
+ | Select **Integrate any other application you don't find in the gallery** from the list of options. | ||
Now that the application is created, we will enable SAML for single sign-on. | Now that the application is created, we will enable SAML for single sign-on. | ||
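Review bot: The replacement screenshot on the added image line is written as `{{::azure-createapp.png?800|}}`, with no spaces inside the braces and an empty title, so it loses the centring that the removed `{{ ::non_gallery_app.png?200 |}}` had and carries no caption. Suggest keeping the spaced form used elsewhere on the page and filling in a short title after the pipe. The two added steps also read more clearly if the screenshot follows them instead of preceding them, since the image is what shows the name field and the option being selected.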
Line 194: | Line 195: | ||
Next we will setup Group Claims. | Next we will setup Group Claims. | ||
- | Select | + | Under **User Attributes & Claims** click **Edit**. Then select **Add a group claim**. |
- | "Source Attribute" | + | |
+ | Select | ||
+ | **Source Attribute** should be set to **Group ID**. | ||
Once this is set, we will copy and save the URLs | Once this is set, we will copy and save the URLs | ||
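Review bot: The added line "**Source Attribute** should be set to **Group ID**" needs a sentence on what the claim will then contain. With Group ID as the source, Azure emits group object IDs and not display names, so the reader should be told how those IDs relate to the role or group names configured on the File Fabric side, or be pointed to the later step that covers it. Without that, a group mapping set up by name will silently match nothing.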
Line 211: | Line 214: | ||
In the "User Attributes & Claims" | In the "User Attributes & Claims" | ||
+ | |||
{{ :: | {{ :: | ||
Line 221: | Line 225: | ||
Once created, we will edit the API permissions, | Once created, we will edit the API permissions, | ||
+ | |||
+ | From the list, select **Azure Active Directory Graph**. | ||
In the Request API Permissions screen, we will select: | In the Request API Permissions screen, we will select: | ||
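Review bot: The added step "From the list, select **Azure Active Directory Graph**" names the API but gives no reason for it. Suggest one sentence on what the File Fabric uses this access for, and a statement of which permission type (delegated or application) is expected, so an administrator can grant only the permissions listed in the next step and can tell later whether the grant is still needed.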
Line 271: | Line 277: | ||
User Name field > fullname | User Name field > fullname | ||
- | User email field > mail | + | User email field > othermail |
Role\Group name field > groups | Role\Group name field > groups | ||
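Review bot: The "User email field" mapping changes from `mail` to `othermail` with no explanation in the surrounding text. This field decides which address a signed-in user is identified by, so the page should say why `othermail` is preferred, which claim in the Azure "User Attributes & Claims" section has to be emitted under that name, and what happens for sites already configured with `mail`. As written, a reader following the earlier revision and one following this revision end up with different identity mappings and no way to tell which is intended.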
Line 449: | Line 455: | ||
Service Provider Name: SME File Fabric | Service Provider Name: SME File Fabric | ||
- | Entity ID: <your File Fabric URL> | + | |
- | Assertion Consumer Service: | + | Entity ID: your File Fabric URL |
+ | |||
+ | Assertion Consumer Service: your file fabric url + /saml.html | ||
{{: | {{: |
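Review bot: On the two added value lines, dropping the angle brackets from `<your File Fabric URL>` makes the placeholder look like literal text to type, and the two lines are inconsistent ("your File Fabric URL" versus "your file fabric url + /saml.html"). Suggest keeping an explicit placeholder and showing the full form once, for example `https://files.example.com` and `https://files.example.com/saml.html` marked as an example hostname, and stating the scheme and whether a trailing slash belongs in the Entity ID. The identity provider compares these values exactly, so an ambiguous instruction here results in failed logins that are hard to diagnose.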