To enable users from Azure Active Directory to access the SupportCenter Plus application via SAML authentication, you must configure SupportCenter Plus as an enterprise application in Azure. Follow the steps given below to configure SupportCenter Plus as a service provider in Azure.
Log in to your Azure domain at portal.azure.com.
Under Azure Services, click Enterprise Applications.
Click New Application.
In the displayed page, click Create your own application.
Provide a name for your application in the given text box.
Choose Integrate any other application you don't find in the gallery and click Create.
In the next window, click Single sign-on > SAML.
In the next page, edit Step 1 and copy-paste the Entity ID and Assertion URL from SupportCenter Plus.
Under Logout URL, copy-paste the Single Logout Service URL of SupportCenter Plus.
Edit Step 2 and click Unique User Identifier.
In the displayed window, choose the name identifier format.
SupportCenter Plus supports Persistent, Email Address, and Unspecified name identifier formats for login. The following table shows the difference in configuration between the supported formats.
Choose this if you want to log in using the login name configured in SupportCenter Plus.
Choose this if you want to log in using the email address configured in SupportCenter Plus.
Choose this if you want to log in using the User Principal Name of your Active Directory account imported into SupportCenter Plus.
If the user accounts in SupportCenter Plus have an associated domain, select Email Address as as the name identifier format.
If the user accounts in SupportCenter Plus do not have an associated domain, select the source attribute that matches the login name in SupportCenter Plus.
Select the Source as Attribute and Source Attribute as user.mail.
Select the Source as Attribute and Source Attribute as user.userprincipalname.
Once you have entered all the details, click Save.
Edit Step 3 and select SHA-256 as the Algorithm. Ensure that you choose the same algorithm in SupportCenter Plus.
Click > Raw certificate download to download the certificate. You have to upload this certificate in the configuration page of SupportCenter Plus.
Copy the Login URL to SupportCenter Plus.
Please note that you must copy-paste the Login URL for both login URL and logout URL in SupportCenter Plus.
Click Users and Groups from the left panel to add various users to the application.
You have now configured SupportCenter Plus as a service provider in Azure.
Go to the SAML configuration page in SupportCenter Plus and provide the IdP details to configure SAML authentication with Azure as the Identity Provider.