Setting up SSO with Azure AD

Administrators use the following steps when preparing to run SSO with Azure AD.

  Note:  This procedure requires an Azure AD Premium subscription.

1. To connect an application using an app integration template, sign in to the Azure portal using your Azure Active Directory administrator account.

2. Browse to the Active Directory > Enterprise Applications > New application > Non-gallery application section:

   

3. To give a Name to the app, type Prophix Cloud Service and click Add.

4. Select Configure single sign-on.

   

5. For Single-Sign-on Mode, select SAML-based Sign-on:

   

6. Under Basic SAML Configuration, provide the required SAML2 information for the Prophix Cloud Services Domain and URLs:

   • Identifier (Entity ID):

     https://abc-company.us1.prophix.cloud/sso/Saml2

   • Reply URL (Assertion Consumer Service URL):

     https://abc-company.us1.prophix.cloud/sso/Saml2/Acs

7. Under SAML Signing Certificate, beside Federation Metadata XML, click Download.
8. To activate the SAML2 signing certificate, enable Make new certificate active.

9. To save your changes in Azure Active Directory, click Save.

   You are now ready to set up SSO.

Troubleshooting

A user who has not been assigned to the Enterprise Application provisioned in Azure AD will receive the following error message in Azure AD:

  Note:  This error message may not apply in all cases and depends on whether the Azure administrator has enabled the optional User assignment required feature in Azure AD.

To resolve, verify that the user has permissions to authenticate to the application: