Identity Provider setup for SSO - Azure AD
These are instructions for setting up MessageMedia SSO with Azure. If you use a different Identity Provider and need assistance with configuration, please contact our Support team at email@example.com.
Step 1: Create a new application integration
1. Sign in to the Azure portal. Click on the menu icon in the top left, and in the resulting menu pane select the Azure Active Directory service.
2. Go to Enterprise Applications.
3. Select All Applications, then select Create New Application to add a new application.
4. Enter “MessageMedia SSO for <Your Company>” as the application name.
Step 2: Create the SAML Integration
1. In the Azure portal, on your new MessageMedia SSO Application page, go to Single sign-on
2. Select SAML from the single sign-on method options
Step 3: SAML Settings
1. On the Set up single sign-on with SAML page, click the pencil icon for Basic SAML Configuration to edit the settings.
2. In the Basic SAML Configuration section, if you wish to configure the application in IDP initiated mode, enter the values for the following fields:
- In the Identifier (Entity ID) text box, use the MessageMedia Hub URL: https://hub.messagemedia.com, set it as the default, and remove any other values.
- In the Reply URL text box, use the SSO URL from MessageMedia:
3. Click Set additional URLs and perform the following step if you wish to configure the application in SP initiated mode:
- In the Sign-on URL text box, enter the following URL: https://hub.messagemedia.com/login/sso
- The Relay State and Logout URL boxes can be left blank.
4. In the User Attributes & Claims section, set the following User Attributes to their corresponding source attribute:
- Name: Source Attribute
- email: user.mail
- firstName: user.givenname
- lastName: user.surname
5. On the Set up single sign-on with SAML page, in the SAML Signing Certificate section, click the copy button to copy the App Federation Metadata Url.
6. Log in to your MessageMedia account in the web portal and go to Configuration, then Single Sign On (SSO), and paste the XML you copied into the IDP metadata XML field (read this article for detailed instructions)
Step 4: Assign users to MessageMedia
1. In the Azure portal, select Enterprise Applications, and then All applications. In the applications list, select your MessageMedia SSO app.
2. In the app's overview page, find the Manage section and select Users and groups.
3. Select Add user, then select Users and groups in the Add Assignment dialog.
4. In the Users and groups dialog, select from the Users list, then click Select at the bottom of the screen.
5. If you are expecting a role to be assigned to the users, you can select it from the Select a role dropdown. If no role has been set up for this app, you will see the "Default Access" role selected.
6. In the Add Assignment dialog, click the Assign button in the bottom left of the screen.
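Once an assigned user can sign in, the settings from Step 3 can be checked against a SAML assertion captured from a test login. The script below is an added example, not MessageMedia or Microsoft code: it checks that the assertion's audience is the Identifier (Entity ID) and that the email, firstName and lastName claims carry exactly those names. It assumes the Entity ID appears in the assertion's Audience element (standard SAML behaviour), uses a constructed sample assertion, and does not verify the signature.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
EXPECTED_AUDIENCE = "https://hub.messagemedia.com"    # Identifier (Entity ID) from Step 3
REQUIRED_CLAIMS = ("email", "firstName", "lastName")  # claim names from Step 3

# Constructed sample assertion (not captured from a real tenant). The surname
# claim was left with a namespace-qualified name to show the failure case.
SAMPLE_ASSERTION = """\
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Conditions>
    <saml:AudienceRestriction>
      <saml:Audience>https://hub.messagemedia.com</saml:Audience>
    </saml:AudienceRestriction>
  </saml:Conditions>
  <saml:AttributeStatement>
    <saml:Attribute Name="email"><saml:AttributeValue>alice@example.com</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="firstName"><saml:AttributeValue>Alice</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"><saml:AttributeValue>Example</saml:AttributeValue></saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>
"""

def check_assertion(xml_text):
    """Return a list of problems found; an empty list means the checks passed."""
    # Refuse DTDs and entity declarations before handing the text to the parser.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        return ["DTD or entity declaration present; refusing to parse"]
    root = ET.fromstring(xml_text)
    problems = []
    audiences = [a.text.strip() for a in root.iterfind(".//saml:Audience", NS) if a.text]
    if audiences != [EXPECTED_AUDIENCE]:
        problems.append(f"audience is {audiences}, expected only {EXPECTED_AUDIENCE}")
    claims = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        value = attr.find("saml:AttributeValue", NS)
        claims[attr.get("Name")] = (value.text or "").strip() if value is not None else ""
    for name in REQUIRED_CLAIMS:
        if not claims.get(name):
            problems.append(f"claim '{name}' is missing or empty; names present: {sorted(claims)}")
    return problems

if __name__ == "__main__":
    for problem in check_assertion(SAMPLE_ASSERTION) or ["all checks passed"]:
        print(problem)
```

Run against the sample, it reports that lastName is missing and lists the names that were actually sent, which makes a claim left under a namespace-qualified name easy to spot.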