SimpleMDM integrates with Microsoft Azure using the Security Assertion Markup Language (SAML) standard. This guide will explain how to designate an Azure account as a trusted identity provider (IdP) for authenticating administrators of your SimpleMDM account.
As the Microsoft Azure user interface may change, this guide has been written to provide a general process for getting up and running.
- Navigate to Settings > Users.
- Click the 'Settings' tab.
- Under the 'Single Sign On with SAML' section, select "Yes" to enable SAML.
- In the 'Identity Provider Information' section, find the Short Name field and enter your company name (must be one word - no spaces or special characters).
- Click 'Save'. The fields under 'SimpleMDM Information' will automatically populate.
- Log into Microsoft Azure https://portal.azure.com/
- Navigate to Enterprise Applications.
- Click 'New application'.
- Select 'Create your own application'.
- Enter a name for the application and click 'Create'
- Under 'Getting Started', select '2. Set up single sign on'.
- Select 'SAML'.
- Click 'Edit' on the 'Basic SAML Configuration' section
- Copy the value in the Audience field in SimpleMDM and enter it in the Identifier (Entity ID) field in the Azure settings.
- Copy the 'SimpleMDM SAML Consumer URL' from SimpleMDM and enter it in the 'Reply URL' field in Azure.
- Copy the 'SimpleMDM Single Logout URL' from SimpleMDM and enter it in the 'Logout URL' field in Azure.
- Click 'Save' and close the 'Basic SAML Configuration' window
Back in SimpleMDM:
- In Azure scroll down to the 'SAML Certificates' section.
- Copy the 'Thumbprint' value from Azure and enter it in the 'X.509 fingerprint or certificate' field in SimpleMDM.
- In Azure scroll down to the 'Set up SimpleMDM-SSO-Login' section.
- Copy the 'Login URL' value from Azure and enter it in the 'Endpoint URL' field in SimpleMDM.
- Copy the 'Logout URL' value from Azure and enter it in 'Single Logout URL' field in SimpleMDM.
- Save the settings.
Once complete, test the connection in the Azure settings to ensure the setup was successful.