Configuring Azure as the Identity Provider
To enable users from Azure Active Directory to access the SupportCenter Plus application via SAML authentication, you must configure SupportCenter Plus as an enterprise application in Azure. Follow the steps given below to configure SupportCenter Plus as a service provider in Azure.
Log in to your Azure domain at portal.azure.com.
Under Azure Services, click Enterprise Applications.
Click New Application.
In the displayed page, click Create your own application.
Provide a name for your application in the given text box.
Choose Integrate any other application you don't find in the gallery and click Create.
In the next window, click Single sign-on > SAML.
In the next page, edit Step 1 and copy-paste the Entity ID and Assertion URL from SupportCenter Plus.
Under Logout URL, copy-paste the Single Logout Service URL of SupportCenter Plus.
Click Save.
Edit Step 2 and click Unique User Identifier.
In the displayed window, choose the name identifier format.
SupportCenter Plus supports Persistent, Email Address, and Unspecified name identifier formats for login. The following table shows the difference in configuration between the supported formats.
Persistent | Email Address | Unspecified |
Choose this if you want to log in using the login name configured in SupportCenter Plus. | Choose this if you want to log in using the email address configured in SupportCenter Plus. | Choose this if you want to log in using the User Principal Name of your Active Directory account imported into SupportCenter Plus. |
If the user accounts in SupportCenter Plus have an associated domain, select Email Address as as the name identifier format.
If the user accounts in SupportCenter Plus do not have an associated domain, select the source attribute that matches the login name in SupportCenter Plus.
| Select the Source as Attribute and Source Attribute as user.mail. | Select the Source as Attribute and Source Attribute as user.userprincipalname. |
Once you have entered all the details, click Save.
Edit Step 3 and select SHA-256 as the Algorithm. Ensure that you choose the same algorithm in SupportCenter Plus.
Click
> Raw certificate download to download the certificate. You have to upload this certificate in the configuration page of SupportCenter Plus.
Click Save.
Copy the Login URL to SupportCenter Plus.
Please note that you must copy-paste the Login URL for both login URL and logout URL in SupportCenter Plus.
Click Users and Groups from the left panel to add various users to the application.
You have now configured SupportCenter Plus as a service provider in Azure.
Go to the SAML configuration page in SupportCenter Plus and provide the IdP details to configure SAML authentication with Azure as the Identity Provider.
Related Articles
Configuring ADFS 3.0 as the Identity Provider
Before you start the configuration process, make sure that the SupportCenter Plus application is running in the HTTPS mode. Then, configure SupportCenter Plus as a Relying Party Trust (RPT). This can be done either manually or using the metadata ...Configuring OneLogin as Identity Provider
Log in your OneLogin domain and click Applications under the Applications tab. In the displayed page, click Add App. Search for SAML from the search box and select SAML Test Connector (Advanced) from the search results. Provide a Name ...Configuring Okta as the Identity Provider
Log in to your Okta domain. Go to the Applications >> Add Application. Click Create New App. From the displayed dialog box, choose SAML 2.0 as the sign-on method. Click Create. In the next window, provide a Name for your application. ...Configuring Azure as the Authentication Server
To configure Azure as the authentication server, Log in to portal.azure.com. Under Azure services, click App registrations >> New registration. In the displayed page, enter a Name of your choice and choose the Supported account types. Under Redirect ...Setting up Azure Application Proxy
An alternative to hosting SupportCenter Plus server online is to use the 'Application Proxy' feature in Azure. You can run a connector service that acts as a proxy to SupportCenter Plus running in your local network. To install the connector to a ...