Learn how to finish the configuration in just a few steps.
Step 1: Create a new enterprise application
- Go to Azure Active Directory and select Enterprise Applications (or use this link)
- Choose New application
- Choose Create your own application
- Set a name for the application and select Integrate any other application you don't find in the gallery (Non-gallery)
- In your newly created application, link your users and groups to the Flexopus application on the Users and groups page.
Step 2: Set up SSO login
- Choose SAML on the Signle sign-on page.
- Edit the Basic SAML Configuration.
- Configure the required parameters:
- Set the Entitiy ID: https://{your-flexopus-domain}/auth/saml2
- Set the Reply URL: https://{your-flexopus-domain}/internal-api/auth/integrations/saml2/callback
TIP FOR THE SIGN ON URL (OPTIONAL):
If you also want to make the application available to colleagues through https://myapps.microsoft.com, then you must be sure to complete the Sign On URL. In addition, you must allow the setting "Visible to users" in the Enterprise Application Properties. We recommend this setting.
4. Edit User Attributes & Claims
5. Set Additional Claims
- Change the name to user.displayname
- Add upn with the Add new claim button and set it to user.userprincipalname
- Optionally you can add department with user.department
- Optionally you can add jobtitle with user.jobtitle
6. Copy the App Federation Metadata URL
7. Open the authentication settings in your Flexopus tenant
- Add a new provicer. Choose SAML2
- Choose the configuration method 'Metadata URL' and paste the copied SAML2 metadata URL
- Set the label of the login button
- Save your changes and enable the login
Step 3 (optional): Set up SCIM integration
Use the SCIM guide for this.
R0051