How to Set Up Single Sign On (SSO) using Microsoft Azure Active Directory (AD)

STEP 1: Request to set up Single Sign On with 1800 Notify

First, contact your support team member from 1800 Notify by emailing them directly.  If you don't have their email, then please send an email to support@1800notify.com requesting to get set up with SSO or Single Sign On.

Please indicate who in your organization (email address) should be the primary person involved with SSO set up and who has access to your Azure Active Directory administrative services.  That person will need to be able to receive and open secure emails from the 1800 Notify technical team to complete this process.

Once you request for SSO to be enabled, give our team a few days to get you the information needed to begin your Azure AD set up process.

IMPORTANT: Each user must have an email address listed in order to correctly enable SSO with 1800 Notify.

 

STEP 2: Receive the information required to enter on Azure AD to set up SAML Single Sign On

You will receive these 2 items via secure email from 1800 Notify required to enter into Azure AD for SAML set up:

(1) Identifier (Entity ID) 

(2) Reply URL (Assertion Consumer Service URL)
 
Once you receive these items, you can begin your set up in Azure.
 

STEP 3: Create a new Enterprise Application in Azure AD

3.1  Login to your Azure account.

AZURE LOGIN : Sign in to https://portal.azure.com/signin/index/

 

3.2 Navigate to Azure Active Directory "Azure AD"

mceclip0.png

 

3.3  Click Enterprise Applications in the left nav bar.

mceclip1.png

3.4  Click  + New application to start adding the 1800 Notify app

mceclip2.png

3.5  Click to select Amazon Web Services (AWS) under Cloud platform, or search for it if you don't see it.

mceclip3.png

 

3.6  Setup and name the application

(1) Click AWS Single-Account Access

(2) Then change the Name to something meaningful like:

           1800 Notify for (your organization name)

(3) Click Create

mceclip4.png

 

STEP 4: Assign Users and Groups to the New 1800 Notify Application in Azure AD

4.1  If you just created the app, you'll already be in this screen.  If you need to get back to this screen, locate and click on the app.  Then click on "1. Assign users and groups" to assign users or groups.

mceclip5.png

 

4.2  Click + Add user/group

mceclip6.png

 

4.3  You may create a group for 1800 Notify users, if you wish, or assign individual users to the App.

mceclip7.png

 

4.4 Search for users to bring them up on the list, then click to add any user to the list.  

Click Select when done.

IMPORTANT: Each user must have an email address listed in order to correctly enable SSO with 1800 Notify.

mceclip8.png

 

4.5  On the next screen, verify the number of users selected and click Assign at the bottom.

mceclip9.png

 

Now you have your users or groups assigned, you need to set up SAML Single Sign On.

 

STEP 5: Set up SAML Single sign-on for your new Azure AD 1800 Notify Application

5.1  Navigate to the Enterprise App Management screen in Azure AD

(1) Click Single sign-on in the left nav bar.

(2) Click SAML in the middle.

mceclip10.png

Follow the 6 steps in the guide on the SAML Set Up screen:

5.2  Step 1 - Basic SAML Configuration - click Edit

mceclip11.png

 

5.3 Enter the following information supplied to you by 1800 Notify Technical Support.

(1) Enter the Identifier (Entity ID) -- See step 4.1 and 4.2 above

(2) Reply URL (Assertion Consumer Service URL)
(3) Click Save
mceclip12.png
 
5.4  Close the Basic SAML and move on to the next setting
(1) Click the RED X in the upper right corner.
(2) Click on "Attributes & Claims" in the wizard.
mceclip13.png
 
5.5  On Step 2 - Attributes & Claims - click Edit
mceclip14.png
 
5.5  Open a document (e.g. Microsoft Word or Notepad) to collect information required to be sent back to 1800 Notify to complete your SSO set up.
 
5.6  Review the 4 Claim Name and Value pairs.
If they are not identical to the ones below, please copy them into a your document to supply back to 1800 Notify. 

CLAIM NAME

VALUE

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress

user.mail

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname

user.givenname

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name

user.userprincipalname

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname

user.surname

 

5.7  On the (3) SAML Certificates, please copy and paste the App Federation Metadata Url into your document.

mceclip15.png

 

The App Federation Metadata Endpoint Url - usually looks like this one:

https://login.microsoftonline.com/8109a340-xxx-xxxx-a394-3c3928b0e5d8/federationmetadata/2007-06/federationmetadata.xml?appid=954c4f86-xxxx-xxxx-xxxx-c145cea0f1b1

 

5.8  Send a SECURE email to info@1800notify.com with the document attached that contains:

The 4 Claim Name and Value pairs from step 5.6

The App Federation Metadata Endpoint Url from 5.7 

 

5.9  Give the 1800 Notify Technical Team a day or so to complete the setup and let you know when the Single Sign-on is ready to test.

 

 

Have more questions? Submit a request

Comments

Powered by Zendesk