Versions Compared

...

https://$HOSTNAME-QA/simplesaml/module.php/saml/sp/saml2-acs.php/$ORGANISATION_NAME

Information to be provided to Zeticon

For us to be able to configure the SSO in MediaHaven, the following information needs to be provided:

  • Link to the Federation Metadata

  • Test account (username/password) so we can verify the correctness of the SSO after installation

  • App registration Client ID

  • Who to contact in case of technical issues on your side

...

Federation Metadata URL

...

Test account (username/password)

https://docs.seon.io/knowledge-base/user-manuals/sso-integration#connect-your-sso-account-with-seon

1. Federation Metadata URL

Provide us with the URL to the Federation Metadata of the AAD of your organisation.

This is usually a URL of the form:

  • https://login.microsoftonline.com/XYZ/federationmetadata/2007-06/federationmetadata.xml

  • where XYZ is replaced with

    • your AAD tenant id (e.g. 08fee436-8e26-486b-9de2-803127c8cb88)

    • or domain name (e.g. zeticon.com)

You can find the URL by:

  • navigate to the Azure Portal (portal.azure.com) and log in

  • go to Azure Active Directory

  • click App Registrations in the left pane

  • click Endpoints

  • find the Federation Metadata URL in the right popup pane

...

2. Integration User

Create an integration user in the AAD domain.

Make sure this user is similar to the users that will log on to the MediaHaven application. It should have the same attributes configured and have similar group memberships.

This integration user will be used for testing. Without it, we cannot ensure the quality of the AAD integration.

Provide us with the username and password for this user.

3. App registration

In AAD, create an application registration, following these steps:

  • navigate to Azure Active Directory

  • click App registrations in the left pane

  • click + New Registration on the top of the page

  • Fill in these:

    • Name: MediaHaven SAML integration

    • Who: Accounts in this organizational directory only (Single tenant)

    • Redirect URI: https://$HOSTNAME/simplesaml/module.php/saml/sp/saml2-acs.php/$ORGANISATION_NAME
      (warning) REPLACE $HOSTNAME and $ORGANISATION_NAME before sending to customer!

    • If your organization has a QA environment, add a second redirect URI for this installation:
      https://$HOSTNAME-QA/simplesaml/module.php/saml/sp/saml2-acs.php/$ORGANISATION_NAME-QA

    • Click register

Provide us with the Application (client) ID for this App registration.
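Added example (not part of the original page and not Zeticon's code): a Python pre-flight check for the Federation Metadata URL from section 1 and the filled-in redirect URI from section 3, so that a leftover `XYZ` or `$HOSTNAME` placeholder, a non-https scheme or a lookalike host is caught before the values are exchanged. The function names, the accepted organisation-name characters and the restriction to login.microsoftonline.com are assumptions of this example.

```python
import re
from urllib.parse import urlsplit

# Assumption: only the public-cloud host shown on the page is accepted.
AAD_HOST = "login.microsoftonline.com"
METADATA_SUFFIX = "/federationmetadata/2007-06/federationmetadata.xml"
ACS_PATH = "/simplesaml/module.php/saml/sp/saml2-acs.php/"
GUID = re.compile(r"[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}", re.I)
DOMAIN = re.compile(r"(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}", re.I)
# Assumption: organisation names are a single path segment of these characters.
ORG = re.compile(r"[A-Za-z0-9][A-Za-z0-9_-]*")


def _https_parts(url, what):
    """Split url and insist on plain https with no credentials, query or fragment."""
    parts = urlsplit(url)
    if parts.scheme != "https" or not parts.hostname:
        raise ValueError(what + " must be an absolute https URL")
    if parts.username or parts.password or parts.query or parts.fragment:
        raise ValueError(what + " carries credentials, a query or a fragment")
    return parts


def check_metadata_url(url):
    """Return the tenant (GUID or domain) of an AAD federation metadata URL."""
    parts = _https_parts(url, "metadata URL")
    if parts.hostname != AAD_HOST or parts.port is not None:
        raise ValueError("metadata URL is not served by " + AAD_HOST)
    if not parts.path.lower().endswith(METADATA_SUFFIX):
        raise ValueError("path is not the federation metadata document")
    tenant = parts.path[1:-len(METADATA_SUFFIX)]
    if not (GUID.fullmatch(tenant) or DOMAIN.fullmatch(tenant)):
        raise ValueError("tenant is neither a tenant id nor a domain: %r" % tenant)
    return tenant


def check_redirect_uri(uri):
    """Return (host, organisation) of a filled-in ACS redirect URI."""
    if "$" in uri:  # $HOSTNAME / $ORGANISATION_NAME left in the template
        raise ValueError("template placeholder was not replaced")
    parts = _https_parts(uri, "redirect URI")
    if not parts.path.startswith(ACS_PATH):
        raise ValueError("path is not the SimpleSAMLphp saml2-acs.php endpoint")
    organisation = parts.path[len(ACS_PATH):]
    if not ORG.fullmatch(organisation):
        raise ValueError("organisation segment is missing or malformed")
    return parts.hostname, organisation
```

Both functions raise `ValueError` with the reason on rejection, so they can gate a form submission or a configuration script.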

4. Minimal claims needed

In order to be able to integrate, Zeticon requires the following claims to be present in the Azure AD answer. Furthermore, the following minimal sets of claims are required to be sent:

Please make sure they are provided.

5. Technical contact

In order to integrate quickly, Zeticon needs to be able to get in touch with your AAD administrator.
Please provide an e-mail address and a telephone number.

6. Answer Form

...

1 Federation Metadata URL

...

2a Integration User - username

...

2b Integration User - password

...

3 App registration Client ID

...

5a Technical contact e-mail

...

Information to be provided to Zeticon

For us to be able to configure the SSO in MediaHaven, the following information needs to be provided:

  • Link to the Federation Metadata XML

  • Test account (username/password) so we can verify the correctness of the SSO after installation

  • App registration Client ID (in case of Azure AD IdP) or Issuer ID (in case of SAML/2 integration)

  • Who to contact in case of technical issues on your side

Answering form

Federation Metadata URL:

Test account (username/password):

App registration Client ID (Azure AD):
Issuer ID (in case of SAML/2 integration):

Technical contact customer side (e-mail + phone):