Description

Setting up Microsoft Entra ID for Single Sign-On (SSO) allows users to access multiple applications with a single credential.

This article outlines the steps the customer needs to follow to implement single sign-on in Workflow in the cloud using the SAML standard and Microsoft Azure as the identity provider.

How do I prepare?

  • It is necessary to have an active Azure subscription.

  • To make configurations in Microsoft Entra ID, the user must be a Cloud Application Administrator, Application Administrator, or Owner of the service principal.

Deliverables

By following the steps in this guide, the customer will obtain the following information, which should be shared with the TRESS International Group Advisor:

  • SAML Signing Certificate:

    • APP Federation Metadata URL

    • Certificate (Base64)

  • Set up WFNube:

    • Login URL.

    • Azure AD Identifier.

    • Logout URL.

Process

Add Application

Configure the Workflow Nube application within your Microsoft Azure portal.

1. Go to the Azure Portal and sign in with your account. In the portal menu, select Microsoft Entra ID.

2. Go to Identity > Applications > Enterprise Applications > New Application.

 

3. Select Create your own application.

4. Enter the following information:

  • Assign a name to the application in What’s the name of your app? This name can be of your choice.

  • In What are you looking to do with your application?, select Integrate any other application you don’t find in the gallery (Non-gallery). Then click Create. The application will be added to the list of applications.

Configure SAML (Security Assertion Markup Language)

1. Go to the added application and navigate to Manage. Select Single sign-on in the side menu, then click SAML.

2. In the Basic SAML Configuration section, click Edit and enter the following information:

a) Identifier (Entity ID): https://login.tressnube.com/Workflow/

b) Reply URL (Assertion Consumer Service URL): This URL will be provided by your advisor.

c) Logout Url (Optional): https://login.tressnube.com/Workflow/SingleLogout

3. The default Attributes & Claims are as shown in the image, no adjustments are needed.

4. In the SAML Signing Certificate and Set up sections, you need to share the following with your advisor:

a) SAML Signing Certificate:

  • APP Federation Metadata URL.

  • Certificate (Base64).

b) Set up:

  • Login URL.
  • Microsoft Entra Identifier.

  • Logout URL.

Assign Users and Groups

1. Go to Users and groups on the application configuration page. Select Add user/group and assign the users or groups that need access to the application via SSO.

Final Configuration

To complete the integration, you need to share the data mentioned in the Deliverables section at the beginning of this guide with your advisor to include them in the configuration process.

 

 

Reproduction in whole or in part of this work is prohibited in accordance with the Federal Law on Copyright in Mexico and the Berne Convention internationally. All rights reserved. ©. Copyrights. Property of TRESS SOPORTE Y CONSULTORÍA, S.C., with address at: Carretera al Aeropuerto 1900, int. M2, Piso 3, Col. Centro Comercial Otay, CP 22425, Tijuana, BC, Mexico.

Classification: public.

en Otros
¿Este artículo resolvió tu duda?

Artículos relacionados