SSO Setup - Azure Active Directory

SSO Setup - Azure Active Directory

Add Millie as an Application

Navigate to Azure Active Directory, then:

  1. Click Enterprise Applications in the left-hand nav
  2. Click New Application
image
  1. In the search field, type in: “Azure AD SAML Toolkit”
  2. Select the Azure AD SAML Toolkit app by Microsoft Corporation
  3. Give it the name “Millie” and click Create
  4. image

Configure SSO

Starting from the Millie app created in previous step:

  1. Click Single sign-on from left-hand nav
  2. Select the SAML option
  3. In the Basic SAML Config section:
    1. Identifier (Entity ID): https://milliegiving.com/saml/<SLUG>/metadata
    2. Reply URL (ACS): https://milliegiving.com/saml/<SLUG>/acs
    3. Sign on URL: https://milliegiving.com/saml/<SLUG>/login
    4. Relay State: -leave blank-
    5. Logout URL: -leave blank-
  4. In the User Attributes and Claims section:
    1. The Unique User Identifier can be left with default value
    2. Under Additional Claims, there are 4 required entries. The exact values in the “Claim Name” field should be: id, email, firstName, lastName
    3. The id claim is the primary identifier Millie uses to identify distinct users. A value like user.userprincipalname or an employeeId if you have it works well here.

Provide Millie with IdP Metadata URL

In the Single sign-on section from the previous step…

In the SAML Signing Certificate area you’ll find a field named App Federation Metadata URL. You’ll need to provide this URL to us before your integration can function.

Final Touches

  1. Add the Millie logo to the app you’ve just configured so your employees will recognize it in their SSO dashboard.
  2. Assign users to the app.