This document provides an overview of the configuration needed to set up an Azure AD application for SSO with BOARD Cloud or On-Premise.
CONFIGURING SAML SSO APPLICATION
To use BOARD SSO in the cloud with the SAML 2.0 protocol, an application endpoint must be created in the IdP directory. The following sample is based on Microsoft Azure AD.
The configuration must be done in the customer's Azure AD.
1) In the Azure Portal, go to the Azure AD page.
2) Click the directory to which you need to grant access.
3) From the main menu select: Enterprise Application
4) From the button menu choose: New Application
5) Select “Non-gallery application”
Follow the instructions, set an application name, and then click Add.
A page will appear with the application overview:
1. On the left menu choose “Single sign-on”
2. In the right panel that appears, choose SAML and click on it.
3. A setup configuration page will appear.
4. In step 1, click the pencil icon to edit and fill in the 2 mandatory fields.
The value for Identifier must be:
The value for the parameter Reply URL must be:
NOTE: Replace <instance_host> with the corresponding host name according to the activation information provided.
In step 3, download the Federation Metadata XML.
In step 4, copy all 3 parameters and save them in a text file.
ENABLE BOARD CLOUD INSTANCE FOR SSO
Once finished, send all the information retrieved on the information page (steps 3 and 4) to BOARD Support when requesting the SAML SSO activation.
On customer request, BOARD can disable the standard user and password authentication method.
ENABLE BOARD ON-PREMISE INSTANCE FOR SSO
The SAML configuration file "saml2.config" is usually located under "C:\Program Files (x86)\Board\Board WebApi Server\App_Data\config".
By default, the configuration file is empty. Below is a standard configuration for AAD: