Microsoft Azure
This section discusses how to set up the SAML Auth plugin with Microsoft Azure IDP and how to log on to ProcessMaker.
After installing and enabling the SAML Auth plugin, follow these steps:
- Log on to your Microsoft Azure account.
- After logging on, click View in the Manage Azure Active Directory section.
- Click Enterprise Applications, then select the All Applications option.
- Click New Application.
- On the Add an application page, click Non-gallery application, type the application name and then click Add.
- Click on the created application, then click Users and groups on the sidebar.
- On the Users and Groups page, you can add, edit and remove users.
- On the sidebar, click Single sign-on; the Basic SAML Configuration step displays.
- Click the edit icon.
- Copy the following values from the ProcessMaker Service Provider section (first image below) to the Configuration section in Microsoft Azure:
  - Entity ID to Identifier (Entity ID).
  - Assertion Consumer Service to Reply URL (Assertion Consumer Service).
- In the Set up section, click View step-by-step instructions. Then copy the following fields from Microsoft Azure to ProcessMaker in the Identity Provider section:
  - SAML Single Sign-On Service URL to Single Sign-On Service.
  - SAML Entity ID to Entity ID.
  - Sign-Out URL to Single Logout Service.
- In the User Attributes & Claims section, click the edit icon.
- Copy the Claim Name and then match it to the desired User Field in the ProcessMaker Configurations section.
- In the SAML Signing Certificate section, download the Certificate (Base 64).
- In ProcessMaker, leave the Signature Algorithm field at its default value. Click Upload New Certificate.
- After selecting the downloaded Certificate file, click Update Configuration to apply the changes.
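ProcessMaker will trust SAML assertions signed by the uploaded certificate, so it is worth confirming that the downloaded file is the one Azure displays before uploading it. The check below is an added example, not part of the ProcessMaker documentation or the plugin's code; it assumes you compare against the Thumbprint value shown in Azure's SAML Signing Certificate section, and the function names and sample bytes are constructed for illustration.

```python
import base64
import hashlib
import re

# Matches one PEM block and captures its label and base64 body.
PEM_BLOCK = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----(.*?)-----END \1-----", re.S)


def cert_fingerprints(pem_text):
    """Return upper-case hex SHA-1 and SHA-256 digests of the one certificate in pem_text."""
    blocks = PEM_BLOCK.findall(pem_text)
    labels = [label for label, _ in blocks]
    if any("PRIVATE KEY" in label for label in labels):
        raise ValueError("file contains a private key; it must not be uploaded")
    if labels != ["CERTIFICATE"]:
        raise ValueError("expected exactly one CERTIFICATE block, found %r" % labels)
    # Fingerprints are computed over the DER bytes, not the base64 text.
    der = base64.b64decode("".join(blocks[0][1].split()), validate=True)
    return {"sha1": hashlib.sha1(der).hexdigest().upper(),
            "sha256": hashlib.sha256(der).hexdigest().upper()}


def matches_thumbprint(pem_text, displayed):
    """True if the file's fingerprint equals a thumbprint copied from the IdP page."""
    wanted = re.sub(r"[^0-9A-Fa-f]", "", displayed).upper()  # drop colons and spaces
    algo = {40: "sha1", 64: "sha256"}.get(len(wanted))
    if algo is None:
        raise ValueError("thumbprint must be 40 (SHA-1) or 64 (SHA-256) hex digits")
    return cert_fingerprints(pem_text)[algo] == wanted


# Constructed sample: placeholder bytes wrapped in PEM armor, not a real certificate.
SAMPLE_DER = b"constructed-sample-not-a-real-certificate"
SAMPLE_PEM = ("-----BEGIN CERTIFICATE-----\n"
              + base64.encodebytes(SAMPLE_DER).decode()
              + "-----END CERTIFICATE-----\n")

if __name__ == "__main__":
    shown = hashlib.sha1(SAMPLE_DER).hexdigest()  # stands in for the value shown by the IdP
    print("match:", matches_thumbprint(SAMPLE_PEM, shown))
    print("sha256:", cert_fingerprints(SAMPLE_PEM)["sha256"])
```

For a real check, pass the text of the downloaded certificate file as `pem_text` and the thumbprint copied from Azure as `displayed`.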
To be redirected to the Microsoft Azure login page, enter the Workspace name in your ProcessMaker domain and then click Login.
Select your account or click Use another account to log on (It is possible to access directly by using the URL: https://{server_name}/sys{workspace}/en/neoclassic/login/login).
You are now logged on to ProcessMaker via Microsoft Azure.