STEP 1: Request to set up Single Sign On with 1800 Notify

First, contact your support team member from 1800 Notify by emailing them directly.  If you don't have their email, then please send an email to support@1800notify.com requesting to get set up with SSO or Single Sign On.

Please indicate who in your organization (email address) should be the primary person involved with SSO set up and who has access to your Azure Active Directory administrative services.  That person will need to be able to receive and open secure emails from the 1800 Notify technical team to complete this process.

Once you request for SSO to be enabled, give our team a few days to get you the information needed to begin your Azure AD set up process.

IMPORTANT: Each user must have an email address listed in order to correctly enable SSO with 1800 Notify.

STEP 2: Receive the information required to enter on Azure AD to set up SAML Single Sign On

You will receive these 2 items via secure email from 1800 Notify required to enter into Azure AD for SAML set up:

(1) Identifier (Entity ID) 

STEP 3: Create a new Enterprise Application in Azure AD

3.1  Login to your Azure account.

AZURE LOGIN : Sign in to https://portal.azure.com/signin/index/

3.2 Navigate to Azure Active Directory "Azure AD"

3.3  Click Enterprise Applications in the left nav bar.

3.4  Click  + New application to start adding the 1800 Notify app

3.5  Click to select Amazon Web Services (AWS) under Cloud platform, or search for it if you don't see it.

3.6  Setup and name the application

(1) Click AWS Single-Account Access

(2) Then change the Name to something meaningful like:

           1800 Notify for (your organization name)

(3) Click Create

STEP 4: Assign Users and Groups to the New 1800 Notify Application in Azure AD

4.1  If you just created the app, you'll already be in this screen.  If you need to get back to this screen, locate and click on the app.  Then click on "1. Assign users and groups" to assign users or groups.

4.2  Click + Add user/group

4.3  You may create a group for 1800 Notify users, if you wish, or assign individual users to the App.

4.4 Search for users to bring them up on the list, then click to add any user to the list.  

Click Select when done.

IMPORTANT: Each user must have an email address listed in order to correctly enable SSO with 1800 Notify.

4.5  On the next screen, verify the number of users selected and click Assign at the bottom.

Now you have your users or groups assigned, you need to set up SAML Single Sign On.

STEP 5: Set up SAML Single sign-on for your new Azure AD 1800 Notify Application

5.1  Navigate to the Enterprise App Management screen in Azure AD

(1) Click Single sign-on in the left nav bar.

(2) Click SAML in the middle.

Follow the 6 steps in the guide on the SAML Set Up screen:

5.2  Step 1 - Basic SAML Configuration - click Edit

5.3 Enter the following information supplied to you by 1800 Notify Technical Support.

(1) Enter the Identifier (Entity ID) -- See step 4.1 and 4.2 above

(2) Reply URL (Assertion Consumer Service URL)

(3) Click Save

 

5.4  Close the Basic SAML and move on to the next setting

(1) Click the RED X in the upper right corner.

(2) Click on "Attributes & Claims" in the wizard.

 

5.5  On Step 2 - Attributes & Claims - click Edit

 

5.5  Open a document (e.g. Microsoft Word or Notepad) to collect information required to be sent back to 1800 Notify to complete your SSO set up.

 

5.6  Review the 4 Claim Name and Value pairs.

If they are not identical to the ones below, please copy them into a your document to supply back to 1800 Notify. 

CLAIM NAME	VALUE
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress	user.mail
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname	user.givenname
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name	user.userprincipalname
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname	user.surname

 

5.7  On the (3) SAML Certificates, please copy and paste the App Federation Metadata Url into your document.

 

The App Federation Metadata Endpoint Url - usually looks like this one:

https://login.microsoftonline.com/8109a340-xxx-xxxx-a394-3c3928b0e5d8/federationmetadata/2007-06/federationmetadata.xml?appid=954c4f86-xxxx-xxxx-xxxx-c145cea0f1b1

 

5.8  Send a SECURE email to info@1800notify.com with the document attached that contains:

The 4 Claim Name and Value pairs from step 5.6

The App Federation Metadata Endpoint Url from 5.7 

 

5.9  Give the 1800 Notify Technical Team time to complete the setup and let you know when the Single Sign-on is ready to test by sending you the LOGIN URL.

 

 

STEP 6:  Paste the Login URL into your Azure AD

6.1   You will receive a Login URL from 1800 Notify in a secure email which you will need to paste into Azure AD to complete the setup.

 

The LOGIN URL will look similar to this one:

https://1800-prd-10xxxxx.auth.us-east-2.amazoncognito.com/oauth2/authorize?client_id=7xxxxxxxxxsavs&response_type=code&scope=openid&redirect_uri=https%3A%2F%2Fsecure.1800notify.com%2Fsso%2Flogin%2F1800-prd-11xxxxx

 

6.2  Log into Azure Active Directory

 

6.2  Click on Enterprise Applications in the left nav bar.

 

6.3  Click on the Application you set up for 1800 Notify

 

6.4  Click 2. Set up Single sign on

 

6.5 Click Edit in the Basic SAML configuration

 

6.6  Paste the Sign on URL into the correct box and "Save" then Close

 

6.7  Click the Test this application button after saving and closing

 

6.8  Choose your own user or another user, then click "Test sign in"

 

7.0  (optional) Switch the Favicon from AWS to 1800 Notify's Check mark

Download the "favicon1800notify.png" from the very bottom of this article.

1. Navigate to the Enterprise App you just created in Azure AD for 1800 Notify.

2. Click on the Properties in the left nav.

3. Click the file folder next to the Logo as shown.

4. Locate and upload the "favicon1800notify.png" which you downloaded from the link at the bottom of this article.

Make sure you see the checkmark as shown.

5. Click Save.