This guides explains how to setup SSO using SAML with Azure AD.

Prerequisites

The following are required to provide SSO support through Azure AD

  • Azure AD Premium
  • an Elements Corporate IT Management with at least one connected domain
  • an Elements account which has the right to administer the Corporate IT Management environment

Steps to enable SAML

Open the Azure Portal select Azure Active Directory and:

(1) From the Enterprise applications select New Application

(2) Select a Non-gallery application

(3) Provide a Suitable name e.g. Elements

(4) From the Application Manage menu select Single Sign-on

(5) Select SAML option

(6) Open the Elements Corporate IT Mgt application and select the Config page.  The URLs required for the following section are displayed

(7) In the Azure AD Application SAML setup page, on section 2 , Domains and URLs, provide the following:

In the Identifier (Entity ID) paste the Metadata URL from the Config page in Elements

In the  Reply URL (Assertion Consumer Service URL) paste the Single Sign On URL from the Config page in Elements

(8) In section 3 change the User Identifier select from the drop down the user.mail option

(9) From section 4 download the Metadata XML file

(10) In Elements on the SSO Config Page enter a value into the Identity provider name e.g. Azure.

(11). Upload the certificate by selecting the Metadata.xml file downloaded from Azure

(12). Submit the form

SAML is now enabled  

End User Access

When users want to log into Elements from the login page they select the option at the bottom called Login with SSO or they can bookmark 


https://app.q9elements.com/signin-sso

They enter their email and if they are already authenticated with AD they will be automatically taken to Elements or they will be taken to the AD login page


Did this answer your question?