This page article describes steps to be done in Azure AD to setup set up an authentication-only SAML SSO connection with ServiceChannel in Azure AD.
Warning |
---|
Creation of You can create a custom SAML SSO application is available only with in Azure AD Premium. |
Creating a Custom Application
Configuring SAML SSO
Panel |
---|
bgColor | #F9F9F9 |
---|
titleColor | #0e3367 |
---|
titleBGColor | #EAEAEA |
---|
borderStyle | none |
---|
title | ⦿ How to configure SAML SSO |
---|
|
- In the Azure classic portal, on the ServiceChannelTest application configuration page, click Configure single sign-on to open the Configure Single Sign-On dialog window.
Image Added - On the How would you like users to sign on to ServiceChannelTest page, select Microsoft Azure AD Single Sign-On, and then click Next.
Image Added - On the Configure App Settings page, enter your ServiceChannel SAML service URL (e.g. ", for example,
https://st1login.servicechannel.com/saml/acs/ " for for the test environment) , into IDENTIFIER and REPLY URL fields, and then click Next. Image Added - On the Configure single sign-on at ServiceChannelTest page, download your certificate and copy the URL from the ISSUER URL - this information need to field. This information should be sent to ServiceChannel support in order to have the SAML SSO connection set properly on both sides.
Image Added - Select Confirm and that you have configured single sign-on as described above... and click Next.
Image Added - Click Complete to finish the configuration.
|
In the Azure classic portal, on the ServiceChannelTest application configuration page, click Attributes and set the attributes.
Image Added
Only nameid
is required if SAML SSO is used for the user authentication only. In the case of SAML SSO being is used for just-in-time (or full) provisioning, additional attributes need to should be provided to create a new user in SC. The Role values should match the values specified in the User Role template.
Assigning users
To test your custom SAML SSO application, you need to grant grant access to ServiceChannelTest to some of your Azure AD users the access to ServiceChannelTest.
Panel |
---|
bgColor | #F9F9F9 |
---|
titleColor | #0e3367 |
---|
titleBGColor | #EAEAEA |
---|
borderStyle | none |
---|
title | ⦿ How to grant users access to ServiceChannelTest |
---|
|
- On the ServiceChannelTest configuration page, click Assign accounts.
Image Added - Select your test user(s)users, click Assign, and then click Yes to confirm your assignment.
Image Added
|
Testing SAML SSO
If you want to test your single sign-on settings, open the Access Panel and click on the ServiceChannelTest application.
Image Added
Troubleshooting
If you see ServiceChannel login form, your connection is set up properly, but there is an issue with the configuration on SC side or wrong data sent in the SAML assertion. Contact SC to debug.