We need the 'App Federation Metadata Url' sent to us. See step 8 below for more details.
This guide assumes you are using Azure Active Directory for access to Workplace via SAML. The process for SWOOP is similar to Workplace except we do not do directory synchronisation.
This guide also applies to Yammer for on-premise configuration.
The starting point for this guide is that you are logged into the Azure portal with administrator rights (https://portal.azure.com).
You will need a sign-on URL that corresponds to your SWOOP instance in the format:
You will also need to change your Entity ID to the following:
Note: This function has changed significantly in Azure as of October 2020.
1. In the Azure portal, navigate to 'Azure Active Directory' / 'Enterprise Applications' and click '+ Application'.
2. Click on '+ Create your own application'.
3. Fill in as per below (with your own name) and press create:
4. You will now see a screen like this:
5. Click on 'Single sign on' and then the 'SAML' box:
6. Click on the 'Basic SAML Configuration' pencil to edit:
7. Add the 'Entity ID' (see preparation) and set the Reply URL to just the domain name (does not seem to matter):
8. Under 'SAML Signing Certificate' we need the 'App Federation Metadata Url'. Please email this to us:
9. You now need to add users to the directory using the 'Users and groups' menu, or allow all users in the directory using the 'Properties' menu.