Setting up a SAML2 SSO requires configuration in both the TinQwise platform and an "identity provider". Microsoft Azure is a common identity provider, and this article will show you how to set it up.
In Azure, we will be creating an "enterprise application" within "Microsoft Entra", which in the past was called "Azure AD" or "Azure Active Directory". After that, log in to the Azure portal, and go to Microsoft Entra.
Select "Enterprise Applications".
Select "New Application".
Select "Create your own application".
Fill in a name for the application such as "TinQwise" and select the "Non-gallery" option.
Now the application you just created is shown. Click "Set up single sign on":
Select "SAML" for single-sign-on method, download your metadata file from https://[yourplatformname].platform.co.nl/saml2/metadata/ and save this file on your computer.
In Azure, now select "Upload metadata file" and upload the file. All settings are filled in automatically.
Copy the "App Federation Metadata Url", as we'll need this in the next step when configuring the TinQwise application. Then configuring the SAML connection on the TinQwise platform.
Screenshots with the default settings in Azure for reference.
Screenshots with the default settings in Azure for reference.
