Versions Compared

Old Version 2

changes.mady.by.user Tatiana Bieliakova

Saved on

compared with

New Version Current

changes.mady.by.user Tatiana Bieliakova

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.


Scroll export button
scopecurrent
template-id0fa09813-8b86-460a-aa1d-ef450a80e9ce
quick-starttrue
add-onScroll PDF Exporter

Info

In this guide, you can find information how to configure support of Active Directory SSO via SAML 2.0 protocol.

Created: September 2024

Permalink: https://wildix.atlassian.net/wiki/x/AQByM

Table of Contents

Introduction

Starting from WMS 6.07.20240906.1, it is possible to configure support of Active Directory SSO via SAML 2.0 protocol.

Setup instructions

I. Configuration on Microsoft Entra side

...

  • Identifier (Entity ID): a custom Unique Identifier, for example use your’s app title; this ID should later be also added to WMS
  • Reply URL fields: specify the URL where redirect will be allowed
    Example:
    https://<<PBX DOMAIN>>/api/microsoft/callback/?callback=callbackMicrosoftSingleSignOn

    Where <<PBX DOMAIN>> is the domain of the PBX where the feature will be used

10. In Attributes & Claims section, you need to make sure that user email is used for Unique User Identifier:

Image Added

For this, click Edit:

Image AddedClick on Unique User Identifier: 

Image Added

In Name identifier format field, make sure the option Email address is selected: 

Image Added

 Click Save to apply the changes:

Image Added

11. Check pre-configured settings in other sections, which should be similar to settings described on the below screenshoot:

1112. In the SAML Certificates section, download SAML Certificate (Base 64), which will later be uploaded in WMS:

...

Note

Note: You will also need the following data to be added to WMS settings: 

  • Login URL 
  • Microsoft Entra Identifier


1213. Navigate to Users and Groups tab (1) and click Add user/group (2):

1314. Select users who will be allowed to use this application for SSO login and click Select:

...

  1. Go to WMS -> PBX -> Security page
  2. Navigate to the section Active Directory Single SignOn via SAML 2.0 and tick off the checkbox in front of Enable field: 

    Image Modified
  3. Upload the certificate which was downloaded in step 11 12 of Microsoft Entra configuration above
  4. In the Enter Identifier (Entity ID) field, enter the ID you've added in step 9 of Microsoft Entra configuration
  5. In the Login URL and Microsoft Entra Identifier fields, enter the data mentioned in step 11 step 12 of Microsoft Entra configuration

    Image Modified
  6. Click Save to apply the changes

Once set up, the Microsoft 365 SSO button works as SSO via SAML 2.0.

...