Versions Compared

Old Version 2

changes.mady.by.user Anastasiya Selivanava

Saved on

compared with

New Version Current

changes.mady.by.user Anastasiya Selivanava

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This page article describes steps to be done in Azure AD to set up an authentication-only SAML SSO connection with ServiceChannel in Azure AD.

Warning

Creation of You can create a custom SAML SSO application is available only in Azure AD Premium.

Creating a Custom Application

Panel
bgColor#F9F9F9
titleColor#0e3367
titleBGColor#EAEAEA
borderStylenone
title⦿ How to create custom SAML SSO application
  1. In the Azure classic portal, select Active Directory in the left navigation pane.
  2. From the Directory list, select the directory for which you want to enable a directory integration.
  3. Click Applications on the top menu to open the applications view.
  4. Click Add at the bottom of the page.
  5. In the What do you want to do dialog window, click Add an application from the gallery.
  6. Click CUSTOM on the left of the page and select Add an unlisted application my organization is using.
  7. Type the name of the application, for example, ServiceChannelTest, and click Complete.

If everything is fine, you should get the following message: ServiceChannelTest has been added.

Configuring SAML SSO

Panel
bgColor#F9F9F9
titleColor#0e3367
titleBGColor#EAEAEA
borderStylenone
title⦿ How to configure SAML SSO
  1. In the Azure classic portal, on the ServiceChannelTest application configuration page, click Configure single sign-on to open the Configure Single Sign-On dialog window.
  2. On the How would you like users to sign on to ServiceChannelTest page, select Microsoft Azure AD Single Sign-On, and then click Next.
  3. On the Configure App Settings page, enter your ServiceChannel SAML service URL, for example, https://st1login.servicechannel.com/saml/acs/ for the test environment, into IDENTIFIER and REPLY URL fields, and then click Next.
  4. On the Configure single sign-on at ServiceChannelTest page, download your certificate and copy the URL from the ISSUER URL field. This information should be sent to ServiceChannel support to have the SAML SSO connection set properly on both sides.
  5. Select Confirm that you have configured single sign-on as described above... and click Next.
  6. Click Complete to finish the configuration.

Configure attributes

In the Azure classic portal, on the ServiceChannelTest application configuration page, click Attributes and set the attributes.

Only nameid is required if SAML SSO is used for the user authentication only. In the case SAML SSO is used for just-in-time (or full) provisioning, additional attributes should be provided to create a new user in SC. The Role values should match the values specified in the User Role template.

Assigning users

To test your custom SAML SSO application, grant access to ServiceChannelTest to some of Azure AD users.

Panel
bgColor#F9F9F9
titleColor#0e3367
titleBGColor#EAEAEA
borderStylenone
title⦿ How to grant users access to ServiceChannelTest
  1. On the ServiceChannelTest configuration page, click Assign accounts.
  2. Select test users, click Assign, and then click Yes to confirm your assignment.

Testing SAML SSO

If you want to test your single sign-on settings, open the Access Panel and click the ServiceChannelTest application.

Troubleshooting

If you see ServiceChannel login form, your connection is set up properly, but there is an issue with the configuration on SC side or wrong data sent in the SAML assertion. Contact SC to debug.

Live Search
spaceKeySCU
additionalpage excerpt
placeholderSearch our Knowledge Base
typepage
labelsfm

Panel
titleColor#ffffff
titleBGColor#5fa7d0
borderStylegroove
titleIn this Article

Table of Contents
maxLevel3
minLevel2
indent20px

Panel
titleColorwhite
titleBGColor#75a346
titleRelated Articles

Filter by label (Content by label)
showLabelsfalse
max8
showSpacefalse
sorttitle
cqllabel = "saml-sso" and space = currentSpace ( )