Azure SSO

Configuration of SSO on the Azure site.

Configure an Azure AD Identity Provider

Configure Microsoft Azure Active Directory (AD) as an identity provider to let users log in to your Connect tenant using their Azure AD credentials.

Follow the below steps to configure Azure AD as an identity provider.

  1. Set up an Azure AD application.
  2. Setup your an Azure AD SSO on Webex Connect.
  3. Test the connection.

Configure SSO on Azure

To Configure SSO on Azure, follow the procedure below:

  1. Log in to your Azure portal I.e., Microsoft Azure
  2. Click Azure Active Directory under Azure services.
  1. On the left pane, click Enterprise applications under Manage.
Screenshot of selecting the Enterprise applications

Screenshot of selecting the Enterprise applications

  1. Click + New application.
Image showing the interface to click the + New application button, highlighting its location for adding a new application.

Screenshot instructing to click + New application

  1. Click + Create your own application.
Image displaying the interface with guidance on how to create your own application

Screenshot instructing to create your own application

  1. Do the following in the Create your own application section:
    1. Enter a valid name for your application.
Image showing the interface to enter the name for your app

Screenshot instructing to enter the name for your app

  1. Select Integrate any other application you don’t find in the gallery (Non-gallery) under What are you looking to do with your application?
  2. Click Create.
    The Overview page is displayed.
Image showing the interface with instructions to select the Single Sign-on option

Screenshot displaying the option to select Single Sign-on

  1. On the left pane, click Single sign-on and then click SAML.
Image showing the interface to select the SAML option

Screenshot instructing to select the SAML option

  1. Click Edit in Basic SAML Configuration and enter/update the details.
Image showing the interface with Basic SAML Configuration details

Screenshot displaying the Basic SAML Configuration details

📘

Note

Entity ID, Assertions Consumer Service URL are available on Webex Connect. It is available under Single Sign-On Settings.

Setting up SAML Configuration

  1. Log in to your Webex tenant and click Single Sign-On Settings.
Image showing the interface for Single Sign-On Settings in Webex Connect.

Screenshot displaying the Single Sign-On Settings in Webex Connect

  1. In the Single Sign-On Settings page enter the Identifier (Entity ID).

    📘

    Note

    Please make sure the same Entity ID is configured in Azure and Webex Connect. We recommend using the Entity ID available in Connect.

Screenshot of Single Sign-on Settings Page

Screenshot of Single Sign-on Settings Page

  1. Copy the Identifier value from Webex Connect Service Provider Details.
Screenshot of Configuring the Identifier Value.

Screenshot of Configuring the Identifier value

  1. Click Add Identifier and paste the value.
Screenshot of Identifier (Entity ID).

Screenshot of Identifier (Entity ID)

  1. Enter the Reply URL (Assertion Consumer Service URL). To get this value, login to your Webex Connect and navigate Single Sign-On Settings.
  2. Copy the Reply URL (Assertion Consumer Service URL) value from Webex Connect Service Provider Details.
Screenshot of ACS URL

Screenshot of ACS URL

  1. Click Add reply URL and paste the value.
Screenshot of Adding Reply URL.

Screenshot of Adding Reply URL

  1. Click Save.
Screenshot of saving the Basic SAML Configuration.

Screenshot of Saving the Basic SAML Configuration

  1. Click Edit in Attributes & Claims and enter/update the details.

    AttributesValuesDescription
    mobilenouser.telephonenumberThe telephone number of the user
    loginiduser.mailThe email ID of the user
    firstnameuser.displaynameThe first name of the user
    Unique User Identifieruser.mailThe email ID of the user

    📘

    Attributes in assertion data

    The attributes are case-sensitive and should be entered in the displayed cases above.

    • Steps to add an Attribute Enter Name, Namespace in Manage Claim.
Screenshot of Managing claim page

Screenshot of Managing claim page

  • Select the required Source.
  • Select the required Source attribute from the drop-down.
  • Click Save.
  1. To download the SAML Certificates, click Certificate (Base64 ) Download.

Configuring SSO on Webex Connect

  1. Login to your Webex Connect and navigate to Single Sign-On Settings.
  2. Enter the Identity Provider Login URL copied from the Azure portal.
Screenshot of Configuring the SSO in Webex Connect

Screenshot of Configuring SSO in Webex Connect

  1. Enter the Entity ID. Copy and Paste the Entity ID from Connect Single Sign-On page or Azure Single Sign-On page.

    📘

    Note:

    The Entity ID must be same in both the Webex Connect and Azure portals. We recommend using the Entity ID

  2. Enter the Remote Logout URL copied from Azure Portal.
Screenshot of Configuring the Logout URL.

Screenshot of Configuring the Logout URL.

  1. Upload the Base 64 Certificate (which is downloaded from the Azure) in the Identity Provider Certificate.
  2. Select the Request Signature Method as RSA-SHA256 from the drop-down.
  3. Click Save.
  4. Click Confirm on the pop-up.

Testing the SSO Connection

  1. On Single Sign-On Settings page click Test.
  2. Enter the Email Id.

📘

NOTE

Please make sure the email address used for testing is registered on Azure with SSO app, created during the configuration on SSO.

Screenshot of Testing the SSO Connection

Screenshot of Testing the SSO Connection

  1. Click Test.