Set Up Apricot SSO within Azure

How to set up single sign-on in Microsoft Azure and pull the metadata into Apricot

If you have not yet activated SSO in your Apricot database, please follow the steps for admins here: Apricot Federated Single Sign On (SSO)


Create an Azure Enterprise Application 

  1. Open Office 365 Admin Center > Azure Active Directory  

  2. Go to Enterprise Applications

  3. Choose + New application

  4. Choose + Create your own application

  5. Enter a name for your application and choose Integrate any other application you don’t find in the gallery (Non-gallery) > Press Create

  6. Configure Azure Enterprise Application

  7. Navigate to your newly created Azure Enterprise Application under Enterprise Applications > All applications > YourAppName.

  8. Under Manage > Choose Single sign-on > Choose SAML

  9. Click Edit.

  10. Under Identifier (Entity ID) choose Add identifier. Fill in the identifier with your Apricot tenant’s SSO Pool ID from your Apricot Managed Federated SSO page.

    Add the entity ID with the following text as the prefix, with no space between the prefix and the pool ID: urn:amazon:cognito:sp:<YourSSOPOOLID>

  11. Under Reply URL (Assertion Consumer Service URL) choose Add reply URL. Fill in the reply URL with your SSO POOL DOMAIN NAME from your Apricot Managed Federated SSO page. 

  12. Click Save. 

  13. Scroll down the page to the SAML Signing Certificate section. 

  14. Navigate to your Managed Federated SSO page and click Add SAML

  15. Copy the App Federation Metadata Url from the SAML Signing Certificate section and paste it into the Provide a metadata document endpoint URL field > Click SAVE
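
A quick sanity check for the values entered in steps 10 and 15, as an added example that is not part of the original article or of Apricot's or Microsoft's tooling. The function names are hypothetical, and the sample metadata is constructed with placeholder tenant ID and certificate text; in practice you would pass in the document downloaded from your own App Federation Metadata Url.

```python
import re
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
DS = "http://www.w3.org/2000/09/xmldsig#"
PREFIX = "urn:amazon:cognito:sp:"  # prefix given in step 10

def check_entity_id(value):
    """Return problems with the Identifier (Entity ID) typed in step 10."""
    problems = []
    if re.search(r"\s", value):
        problems.append("contains whitespace")
    if not value.startswith(PREFIX) or len(value.strip()) == len(PREFIX):
        problems.append("must be the prefix followed by the SSO Pool ID")
    return problems

def check_idp_metadata(xml_text):
    """Return problems with the IdP metadata document referenced in step 15."""
    root = ET.fromstring(xml_text)
    if root.tag != f"{{{MD}}}EntityDescriptor":
        return ["root element is not a SAML EntityDescriptor"]
    problems = []
    if not root.get("entityID"):
        problems.append("missing entityID")
    idp = root.find(f"{{{MD}}}IDPSSODescriptor")
    if idp is None:
        return problems + ["no IDPSSODescriptor"]
    # A KeyDescriptor without a "use" attribute may be used for signing.
    certs = [c for kd in idp.findall(f"{{{MD}}}KeyDescriptor")
             if kd.get("use", "signing") == "signing"
             for c in kd.iter(f"{{{DS}}}X509Certificate") if (c.text or "").strip()]
    if not certs:
        problems.append("no signing certificate")
    sso = idp.findall(f"{{{MD}}}SingleSignOnService")
    if not sso:
        problems.append("no SingleSignOnService endpoint")
    for s in sso:
        if not s.get("Location", "").startswith("https://"):
            problems.append("non-HTTPS endpoint: " + s.get("Location", ""))
    return problems

# Constructed sample metadata (placeholder tenant ID and certificate body).
SAMPLE = f"""<EntityDescriptor xmlns="{MD}" entityID="https://sts.windows.net/TENANT-ID/">
 <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
  <KeyDescriptor use="signing"><KeyInfo xmlns="{DS}"><X509Data>
   <X509Certificate>MIIC-constructed-placeholder</X509Certificate></X509Data></KeyInfo></KeyDescriptor>
  <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
   Location="https://login.microsoftonline.com/TENANT-ID/saml2"/>
 </IDPSSODescriptor></EntityDescriptor>"""

if __name__ == "__main__":
    print(check_entity_id("urn:amazon:cognito:sp: POOL-ID-PLACEHOLDER"))  # space is flagged
    print(check_idp_metadata(SAMPLE))
```

An empty list from both functions means the identifier is well formed and the metadata carries a signing certificate and HTTPS sign-on endpoints.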


Adding SSO Users to Azure 

Note: Adding users to Azure does not add users to Apricot. Admins must also add users to Apricot.  

  1. Navigate to Users and groups inside the Enterprise Application.

  2. Choose + Add user/group

  3. Choose the specific users or provisioned groups that should have SSO capabilities with Apricot > Click Assign.
