How to Set Up Single Sign On (SSO) using Microsoft Azure Active Directory (AD)

STEP 1: Request to set up Single Sign On with 1800 Notify

First, contact your support team member from 1800 Notify by emailing them directly.  If you don't have their email, then please send an email to support@1800notify.com requesting to get set up with SSO or Single Sign On.

Please indicate who in your organization (email address) should be the primary person involved with SSO set up and who has access to your Azure Active Directory administrative services.  That person will need to be able to receive and open secure emails from the 1800 Notify technical team to complete this process.

Once you request for SSO to be enabled, give our team a few days to get you the information needed to begin your Azure AD set up process.

IMPORTANT: Each user must have an email address listed in order to correctly enable SSO with 1800 Notify.

 

STEP 2: Receive the information required to enter on Azure AD to set up SAML Single Sign On

You will receive these 2 items via secure email from 1800 Notify required to enter into Azure AD for SAML set up:

(1) Identifier (Entity ID) 

(2) Reply URL (Assertion Consumer Service URL)
 
Once you receive these items, you can begin your set up in Azure.
 

STEP 3: Create a new Enterprise Application in Azure AD

3.1  Login to your Azure account.

AZURE LOGIN : Sign in to https://portal.azure.com/signin/index/

 

3.2 Navigate to Azure Active Directory "Azure AD"

mceclip0.png

 

3.3  Click Enterprise Applications in the left nav bar.

mceclip1.png

3.4  Click  + New application to start adding the 1800 Notify app

mceclip2.png

3.5  Click to select Amazon Web Services (AWS) under Cloud platform, or search for it if you don't see it.

mceclip3.png

 

3.6  Setup and name the application

(1) Click AWS Single-Account Access

(2) Then change the Name to something meaningful like:

           1800 Notify for (your organization name)

(3) Click Create

mceclip4.png

 

STEP 4: Assign Users and Groups to the New 1800 Notify Application in Azure AD

4.1  If you just created the app, you'll already be in this screen.  If you need to get back to this screen, locate and click on the app.  Then click on "1. Assign users and groups" to assign users or groups.

mceclip5.png

 

4.2  Click + Add user/group

mceclip6.png

 

4.3  You may create a group for 1800 Notify users, if you wish, or assign individual users to the App.

mceclip7.png

 

4.4 Search for users to bring them up on the list, then click to add any user to the list.  

Click Select when done.

IMPORTANT: Each user must have an email address listed in order to correctly enable SSO with 1800 Notify.

mceclip8.png

 

4.5  On the next screen, verify the number of users selected and click Assign at the bottom.

mceclip9.png

 

Now you have your users or groups assigned, you need to set up SAML Single Sign On.

 

STEP 5: Set up SAML Single sign-on for your new Azure AD 1800 Notify Application

5.1  Navigate to the Enterprise App Management screen in Azure AD

(1) Click Single sign-on in the left nav bar.

(2) Click SAML in the middle.

mceclip10.png

Follow the 6 steps in the guide on the SAML Set Up screen:

5.2  Step 1 - Basic SAML Configuration - click Edit

mceclip11.png

 

5.3 Enter the following information supplied to you by 1800 Notify Technical Support.

(1) Enter the Identifier (Entity ID) -- See step 4.1 and 4.2 above

(2) Reply URL (Assertion Consumer Service URL)
(3) Click Save
mceclip12.png
 
5.4  Close the Basic SAML and move on to the next setting
(1) Click the RED X in the upper right corner.
(2) Click on "Attributes & Claims" in the wizard.
mceclip13.png
 
5.5  On Step 2 - Attributes & Claims - click Edit
mceclip14.png
 
5.5  Open a document (e.g. Microsoft Word or Notepad) to collect information required to be sent back to 1800 Notify to complete your SSO set up.
 
5.6  Review the 4 Claim Name and Value pairs.
If they are not identical to the ones below, please copy them into a your document to supply back to 1800 Notify. 

CLAIM NAME

VALUE

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress

user.mail

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname

user.givenname

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name

user.userprincipalname

http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname

user.surname

 

5.7  On the (3) SAML Certificates, please copy and paste the App Federation Metadata Url into your document.

mceclip15.png

 

The App Federation Metadata Endpoint Url - usually looks like this one:

https://login.microsoftonline.com/8109a340-xxx-xxxx-a394-3c3928b0e5d8/federationmetadata/2007-06/federationmetadata.xml?appid=954c4f86-xxxx-xxxx-xxxx-c145cea0f1b1

 

5.8  Send a SECURE email to info@1800notify.com with the document attached that contains:

The 4 Claim Name and Value pairs from step 5.6

The App Federation Metadata Endpoint Url from 5.7 

 

5.9  Give the 1800 Notify Technical Team time to complete the setup and let you know when the Single Sign-on is ready to test by sending you the LOGIN URL.

 

 

STEP 6:  Paste the Login URL into your Azure AD

6.1   You will receive a Login URL from 1800 Notify in a secure email which you will need to paste into Azure AD to complete the setup.

 

The LOGIN URL will look similar to this one:

https://1800-prd-10xxxxx.auth.us-east-2.amazoncognito.com/oauth2/authorize?client_id=7xxxxxxxxxsavs&response_type=code&scope=openid&redirect_uri=https%3A%2F%2Fsecure.1800notify.com%2Fsso%2Flogin%2F1800-prd-11xxxxx

 

6.2  Log into Azure Active Directory

 

6.2  Click on Enterprise Applications in the left nav bar.

mceclip0.png

 

6.3  Click on the Application you set up for 1800 Notify

mceclip1.png

 

6.4  Click 2. Set up Single sign on

mceclip2.png

 

6.5 Click Edit in the Basic SAML configuration

mceclip3.png

 

6.6  Paste the Sign on URL into the correct box and "Save" then Close

mceclip4.png

 

6.7  Click the Test this application button after saving and closing

mceclip5.png

 

6.8  Choose your own user or another user, then click "Test sign in"

mceclip6.png

 

7.0  (optional) Switch the Favicon from AWS to 1800 Notify's Check mark

Download the "favicon1800notify.png" from the very bottom of this article.

1. Navigate to the Enterprise App you just created in Azure AD for 1800 Notify.

2. Click on the Properties in the left nav.

3. Click the file folder next to the Logo as shown.

4. Locate and upload the "favicon1800notify.png" which you downloaded from the link at the bottom of this article.

Make sure you see the checkmark as shown.

5. Click Save.

 

 

 

 

 

 

Have more questions? Submit a request

Comments

Powered by Zendesk