To set up SSO for Keepit, you need to first configure SSO with Azure Active Directory (Azure AD) or another identity provider. During the configuration you will obtain the IDP URL and certificate needed to configure SSO in Keepit. If you are using Azure AD as your identity provider, before starting the setup, make sure you have a Microsoft Azure account with Azure AD Premium activated so that you can add non-gallery applications.
To create an Azure application for SSO:
- Sign in to the Azure portal.
- Browse to Azure Active Directory > Enterprise applications.
- Select +New application at the top.
- Select Non-gallery application.
- Under Add your own application, enter a name for the application, and click Add.
- Select Single sign-on from the application's left-hand navigation menu.
- Under Select a single sign-on method, select SAML.
- In the Basic SAML Configuration box, click the pencil icon to open the configuration window.
- In the Identifier field, enter the identifier that corresponds to your data center:
- In the Reply URL field, enter the URL that corresponds to your data center:
- Click Save.
- In the SAML Signing Certificate box, click Download to the right of Certificate (Base64) and the certificate with a *.cer extension will download to your computer.
- In the Set up SSO Demo box, locate the Login URL.This is the IDP URL that you need to configure SSO in Keepit.Alternatively, you can click View step-by-step instructions to open the Configure sign-on guide on how to configure SSO in Keepit with Azure AD. Here the IDP URL is named SAML Single-Sign On Service URL.
You now have all the necessary information you need to configure SSO in Keepit. To see a step-by-step guide, see: How to configure SSO in Keepit
To enable SSO for individual users, you will need to assign them to your SSO application. See: How to assign users to an SSO application in Azure