Scroll export button | ||||||||
---|---|---|---|---|---|---|---|---|
|
Info |
---|
In this guide, you can find information how to configure support of Active Directory SSO via SAML 2.0 protocol. Created: September 2024 Permalink: https://wildix.atlassian.net/wiki/x/AQByM |
Table of Contents |
---|
Introduction
Starting from WMS 6.07.20240906.1, it is possible to configure support of Active Directory SSO via SAML 2.0 protocol.
Setup instructions
I. Configuration on Microsoft Entra side
...
- Identifier (Entity ID): a custom Unique Identifier, for example use your’s app title; this ID should later be also added to WMS
- Reply URL fields: specify the URL where redirect will be allowed
Example:
https://<<PBX DOMAIN>>/api/microsoft/callback/?callback=callbackMicrosoftSingleSignOn
Where <<PBX DOMAIN>> is the domain of the PBX where the feature will be used
10. In Attributes & Claims section, you need to make sure that user email is used for Unique User Identifier:
For this, click Edit:
Click on Unique User Identifier:
In Name identifier format field, make sure the option Email address is selected:
Click Save to apply the changes:
11. Check pre-configured settings in other sections, which should be similar to settings described on the below screenshoot:
1112. In the SAML Certificates section, download SAML Certificate (Base 64), which will later be uploaded in WMS:
...
Note |
---|
Note: You will also need the following data to be added to WMS settings:
|
1213. Navigate to Users and Groups tab (1) and click Add user/group (2):
1314. Select users who will be allowed to use this application for SSO login and click Select:
...
- Go to WMS -> PBX -> Security page
- Navigate to the section Active Directory Single SignOn via SAML 2.0 and tick off the checkbox in front of Enable field:
- Upload the certificate which was downloaded in step 11 12 of Microsoft Entra configuration above
- In the Enter Identifier (Entity ID) field, enter the ID you've added in step 9 of Microsoft Entra configuration
- In the Login URL and Microsoft Entra Identifier fields, enter the data mentioned in step 11 step 12 of Microsoft Entra configuration
- Click Save to apply the changes
Once set up, the Microsoft 365 SSO button works as SSO via SAML 2.0.
...