LUCY

User Tools

Site Tools

Trace:
sso_azure

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
sso_azure [2019/11/14 09:34] lucysso_azure [2022/10/04 15:18] (current) lucy
Line 34: Line 34:
  
   * Tick the option "**Enable Active Directory FS**"   * Tick the option "**Enable Active Directory FS**"
- 
-  * Download the __FederationMetadata.xml__ file from Azure AD and fill the __Identity Provider__ Endpoint and __Certificate Thumbprint__ in Lucy 
- 
-{{ ::sso_azure_lucy_configs.png?600 |}} 
- 
-{{ ::sso_azure_lucy_configs2.png?400 |}} 
  
   * Download a pre-configured SAML metadata file (copy the URL and paste into your web browser address bar, change the extension of the file to .XML, for example "lucy-sp.xml")   * Download a pre-configured SAML metadata file (copy the URL and paste into your web browser address bar, change the extension of the file to .XML, for example "lucy-sp.xml")
Line 51: Line 45:
  
 {{ ::sso_azure_lucy_metadata_file3.png?600 |}} {{ ::sso_azure_lucy_metadata_file3.png?600 |}}
 +
 +
 +  * Download the __FederationMetadata.xml__ file from Azure AD and fill the __Identity Provider__ Endpoint and __Certificate Thumbprint__ in Lucy
 +
 +{{ ::sso_azure_lucy_configs.png?600 |}}
 +
 +{{ ::sso_azure_lucy_configs2.png?400 |}}
 +
  
   * Add a new Claim "__mail__" that contain an e-mail address of the user, see more [[https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-saml-claims-customization|here]]   * Add a new Claim "__mail__" that contain an e-mail address of the user, see more [[https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-saml-claims-customization|here]]
Line 70: Line 72:
 {{ ::sso_azure_import_ssl2.png?600 |}} {{ ::sso_azure_import_ssl2.png?600 |}}
  
 +  * (**optional**) You may also configure a domain name that Azure AD will use to receive authentication requests. Azure supports both single domain and range of subdomains, however, for this you need to use a wildcard SSL certificate. By default, Lucy is configured to use system domain.
 +
 +To enable support for the subdomains, set the value in the Domain field in the following way ".domain.com"
 +
 +{{ ::sso_azure_domain_name.png?400 |}}
 +
 +Using wildcard domain name will allow you to use different subdomains in your campaigns. \\
 +:!: Please note, Azure AD does not support multiple second-level domains in a single application.
 +
 +  * (**optional**) If the option "**Auto Login**" enabled, Lucy tries to automatically log in using Single Sign-on instead of showing the Login page.
  
 ===== Testing Authentication ===== ===== Testing Authentication =====
Line 89: Line 101:
 {{ ::sso_azure_login_activity.png?600 |}} {{ ::sso_azure_login_activity.png?600 |}}
  
-  * (optional) You may also configure a domain name that Azure AD will use to receive authentication requests. Azure supports both single domain and range of subdomains, however, for this you need to use a wildcard SSL certificate. By default, Lucy is configured to use system domain.+===== OAuth 2.0 =====
  
-To enable support for the subdomains, set the value in the Domain field in the following way ".domain.com" +The method of authentication is described [[microsoft_azure_oauth_2_0|here]].
- +
-{{ ::sso_azure_domain_name.png?400 |}} +
- +
-Using wildcard domain name will allow you to use different subdomains in your campaigns. \\ +
-:!: Please note, Azure AD does not support multiple second-level domains in a single application.+
  
 ===== Troubleshoot problems ===== ===== Troubleshoot problems =====
sso_azure.1573720465.txt.gz · Last modified: 2019/11/14 09:34 by lucy