SWOOP Information
We need the 'App Federation Metadata Url' sent to us. See '8' below for more details.
Preparation
This guide assumes you are using Azure Active Directory for access to Workplace via SAML. The process for SWOOP is similar to Workplace except we do not do directory synchronisation.
This guide also applies to Yammer for on-premise configuration.
The starting point for this guide is that you are logged into the Azure portal with administrator rights (https://portal.azure.com).
You will need a sign-on URL that corresponds to your SWOOP instance in the format:
https://<your name>.swoopanalytics.com
You will also need to change your Entity ID to the following:
https://<your name>.swoopanalytics.com/simplesaml/module.php/saml/sp/metadata.php/default-sp
Replace '<your name>' with your SWOOP domain.
Maintenance of Certificates (used for SAML signing)
When you generate, the new certificate is passed to swoop via the Federated Meta Data and the SAML POST response. SWOOP reads the Meta Data on each login, so there is no action required by SWOOP to update the certificates.
Setup
Note: This function has changed significantly in Azure as of October 2020.
- In the Azure portal navigate to 'Azure Active Directory' / 'Enterprise Applications' and click '+ Application'
- Click on '+ Create your own application'
- Fill in as per below (with your own name) and press create:
- You will now see a screen like this:
- Click on 'Single sign on' and then 'SAML' box:
- Click on 'Basic SAML Configuration' pencil to edit:
- Add the 'Entity ID' (see preparation) and set the Reply URL to just the domain name (does not seem to matter):
- Under 'SAML Signing Certificate' we need the 'App Federation Metadata Url'. Please email this to us:
- You now need to add users to the directory using the 'Users and groups' menu or allow all users in the directory using the 'Properties' menu.
Comments
0 comments
Please sign in to leave a comment.