Use this section to see where settings from NetCloud Manager's SSO configuration go in an Azure app, and where settings from the Azure app go in NetCloud Manager's SSO configuration.
These steps assume you have an Azure IdP app ready to integrate with NetCloud Manager. And that you have navigated to the Add/Edit Identity Provider wizard in NetCloud Manager.
Step | Screen Reference |
|---|---|
Copy the URL under ACS URL ID to the Reply URL (Assertion Consumer Service URL) field in the Azure app. | NetCloud Manager Azure app |
Copy the URL under SP Entity ID to the Identifier (Entity ID) field in the Azure app. | NetCloud Manager Azure app |
Scroll to the Attribute Statements section in the Azure app. Add a Claim name for each of these attributes in the Attributes & Claims section under Additional claims. These attributes are used for identifying users. Add these names on the SAML Mappings page in NetCloud Manager. NoteUser attributes are evaluated each time the user logs in. This allows administrators to change a user's settings in the IdP app, if necessary. The changed setting is applied the next time the user logs in with SSO. | Azure app NetCloud Manager |
(Optional) Use the forcedPermission attribute to set a user's NetCloud Manager role or account. See the Forced Permission Examples section for more information on using the forcedPermission attribute. Add the forcedPermission name on the SAML Mappings page in NCM. | Azure app NetCloud Manager |
Complete the Azure app. Then open the Azure app to view its settings. | |
Add a name for the SSO configuration in NetCloud Manager. This does not need to be added to the Azure app. | NetCloud Manager |
(Optional) To use Service-Provider (SP) Initiated logins, select Enable SP Initiated Login. | NetCloud Manager |
(Required for SP Initiated logins) Add a unique identifier for your company in the Company Identifier field. Users will enter this value when logging in to NetCloud Manager with the Sign In With SSO button. | NetCloud Manager |
(Required for SP Initiated logins) Add the Azure app's sign-on URL to the Sign-On URL field in NetCloud Manager. (Verify) This URL comes from your Azure app on the Sign In page in the Set Up Self Serve section. | Azure app NetCloud Manager |
Copy the Login URL from the Azure app. Use this for the Identity Provider ACS URL field in NCM. | Azure app NetCloud Manager |
Copy the Microsoft Entra Identifier from the Azure app. Use this for the Identity Provider Entity ID field in NetCloud Manager. | Azure app NetCloud Manager |
Use the Download link next to Certificate (Base64) field to download the X.509 certificate. Copy the X.509 certificate text and paste it to the Certificate Text field in NetCloud Manager. | Azure app NetCloud Manager |
The Hash Algorithm value in NetCloud Manager must match the Digest Algorithm value in the Azure app. | NetCloud Manager Azure app |