Table of Contents
Setup
What is needed from the customer to set up SSO on Azure AD platform using SAML protocol?
1. Customer sets up the first app in Azure AD: ADPOINT Java UI:
...
"App Federation Metadata URL" field value
Information about groups and roles
Log file
...
Setup
sso-saml.war → webapps-javaee (Tomcat 10, X1) or webapps (Tomcat 8/9, version 7.x)
conf/sso-saml.yml:
adpoint-launch-url: /adpoint/pages?jwt=
metadata-uri: https://login.microsoftonline.com/b1ed7f93-0530-4af6-9bcf-cfe54f3040d4/federationmetadata/2007-06/federationmetadata.xml?appid=11111111111111111111
conf/serverscripts/groupsandrole.js
Setup for Tomcat 10 and X1 version
The sso-saml.war should be created in a new folder: Tomcat/webapps-javaee/. When Tomcat is started, the files will be migrated to the webapps folder, and the sso-saml folder will be created there as usual.
Troubleshooting
Log file
Tomcat/logs/sso-saml.log
Missing groups
Check whether groups appear under Authentication Attributes on Adpoint's final SSO webpage. If they do not, ask the customer to add the groups attribute in:
Azure AD -> Enterprise Apps -> ADPOINT app -> Single Sign-on -> User Attributes & Claims -> Additional claims
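
The same "Missing groups" check can be run offline against a SAMLResponse captured from the browser's POST to the application. This is an added example, not ADPOINT or sso-saml code; the two Azure AD claim names and the sample responses are assumptions constructed for illustration.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Azure AD claim names (assumed here; the page does not list them).
GROUPS = "http://schemas.microsoft.com/ws/2008/06/identity/claims/groups"
# Sent instead of the groups claim when the user exceeds the group limit.
GROUPS_OVERAGE = "http://schemas.microsoft.com/claims/groups.link"


def assertion_attributes(saml_response_b64):
    """Return {attribute name: [values]} from a base64 SAMLResponse.

    Diagnostic only: the signature is NOT verified, so never use the
    result for an access decision.
    """
    xml_bytes = base64.b64decode(saml_response_b64)
    # SAML messages carry no DTD; refuse one rather than expand entities.
    if b"<!DOCTYPE" in xml_bytes or b"<!ENTITY" in xml_bytes:
        raise ValueError("DTD/entity declarations are not expected in SAML")
    root = ET.fromstring(xml_bytes)
    attrs = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        values = [v.text or "" for v in attr.findall("saml:AttributeValue", NS)]
        attrs.setdefault(attr.get("Name"), []).extend(values)
    return attrs


def groups_status(attrs):
    """Classify the groups claim as 'present', 'overage' or 'missing'."""
    if attrs.get(GROUPS):
        return "present"
    if GROUPS_OVERAGE in attrs:
        return "overage"  # claim configured, but too many groups to inline
    return "missing"      # claim not configured under Additional claims


def _sample(name, value):
    """Build a constructed, unsigned SAMLResponse with a single attribute."""
    doc = ('<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
           'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"><saml:Assertion>'
           f'<saml:AttributeStatement><saml:Attribute Name="{name}">'
           f'<saml:AttributeValue>{value}</saml:AttributeValue></saml:Attribute>'
           '</saml:AttributeStatement></saml:Assertion></samlp:Response>')
    return base64.b64encode(doc.encode()).decode()


# Constructed samples (placeholder GUID and URL, not real tenant data).
SAMPLE_WITH_GROUPS = _sample(GROUPS, "00000000-0000-0000-0000-000000000001")
SAMPLE_NO_GROUPS = _sample("displayname", "Test User")
SAMPLE_OVERAGE = _sample(GROUPS_OVERAGE, "https://graph.example.invalid/groups")

if __name__ == "__main__":
    for s in (SAMPLE_WITH_GROUPS, SAMPLE_NO_GROUPS, SAMPLE_OVERAGE):
        print(groups_status(assertion_attributes(s)))
```

A result of "missing" points at the Additional claims setting above; "overage" means the claim is configured but Azure AD replaced the inline group list with a link.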