Configure SAML Authentication in Fracttal Using Azure AD
To configure Single Sign-On, you need:
- An Azure AD user account. If you don't have an account yet, you can create one for free here.
- One of the following roles: global administrator, cloud application administrator, application administrator, or service principal owner.
- Access to the Fracttal One application.
- A Fracttal One user with an Administrator profile.
Configuration in Azure Active Directory
Go to the Azure Active Directory Admin Centre (https://aad.portal.azure.com/) and sign in using one of the roles listed in the prerequisites.
From the left pane, click Azure Active Directory.
In the left pane, click Enterprise applications. The All applications pane opens and displays a list of the applications in your Azure AD tenant. Click “New application”.
Click “Create your own application”, as Fracttal is not a gallery application.
Enter a name for your application; you will use it to identify which application and environment the SSO setup is for. Select “Integrate any other application you don't find in the gallery (Non-gallery)”.
Click “Create”.
In the Manage section of the left menu, click “Users and groups”, then click “Add User/Group” to add the users who will have access with SSO. Note: each user's email within Fracttal needs to be identical to that of the user assigned within Azure AD.
In the middle pane, click “Users”, then in the right pane, search for the users you wish to add for access with SSO. Click on the user, then click “Select”.
In the middle pane, under Users, it will display how many you have added. Click “Assign”.
Click the “SAML” box in the right pane.
Click “Edit” on step 1.
You are only required to fill in Identifier (Entity ID) and Reply URL (Assertion Consumer Service URL).
- Identifier (Entity ID): This is something you can set; it must be unique. Example: “FracttalTestingEnvironment1”
- Reply URL: Copy and paste (https://one.fracttal.com/rpc/auth/samlcallback? Codesaml=fracttalsaml)
- Click “Save”
Configuration in Fracttal One
Now we can move to Fracttal. Log in to https://one.fracttal.com/ with an administrator user.
- Click on your user.
- Click on “Settings”
- Click on “Security”
Click “SSO”, then fill in the fields as per your Azure AD SSO configuration.
Fracttal | Azure AD |
---|---|
SAML Code | The text “FracttalSML” |
Entry Point | Login URL |
Issuer | Identifier (Entity ID) |
Redirect URL on Logout | Logout URL |
Certificate | Certificate |
The certificate needs to be downloaded from Azure AD and opened with a text editor; then copy and paste your certificate into Fracttal.
Press Save.
Testing:
Navigate back to Azure AD. Under step 5, click “Test”. Then select the “sign in as current user” checkbox and click “test sign in”; it should log you into Fracttal.
Access:
Within your Enterprise Application, click “Properties” from the middle panel under Manage. Here you can
see the User access URL. This is the link your users may use to access this application directly from their
browser URL bars. By navigating to this link, users will be automatically signed into the
Navigate to https://myapps.microsoft.com/ and sign in. You can see your created Application here. Click on it
to sign in using SSO.
Updated 2 months ago