This guide assumes you are using Azure Active Directory for access to Workplace via SAML. The process for SWOOP is similar to Workplace except we do not do directory synchronisation.
The starting point for this guides is that you are logged into the Azure portal with administrator rights (https://portal.azure.com).
You will need a signon URL that corresponds to your SWOOP instance in the format:
You will also need to change your Entity ID to the following:
Note: This function has changed significantly in Azure as of July 2019.
- In the Azure portal navigate to 'Azure Active Directory' / 'Enterprise Applications' and click '+ Application'
- Click on 'Non-gallery application' then fill in a name (e.g. below is 'SAMPLE SAML APPLICATION') and click 'Add' (vertically underneath down the bottom):
- Click on 'Configure single sign-on (required)':
- Click on the 'SAML' panel:
- Click on 'Basic SAML Configuration' pencil to edit:
- Add the 'Entity ID' (see preparation) and set the Reply URL to just the domain name (does not seem to matter):
- Under 'SAML Signing Certificate' we need the 'App Federation Metadata Url'. Please email this to us:
- You now need to add users to the directory using the 'Users and groups' menu or allow all users in the directory using the 'Properties' menu.