| Table of Contents |
|---|
...
Setup steps
What is needed from the customer to set up the SSO (single sign-on) on Entra ID (Azure AD) platform using SAML protocol?
1. Customer sets up the first app in Azure AD: ADPOINT Java UI:
...
"App Federation Metadata URL" from “SAML Certificates” section. It has to contain “appid” param with a value at the end.
Information about groups and roles.
Installation
Tomcat 8/9 (ADPOINT 7.x)
Tomcat/webapps/sso-saml.war(copy it fromsnapshots/from the FTP)Tomcat/webapps/conf/sso-saml.propertiesTomcat/webapps/conf/sso-saml2.properties(only if the 2nd app is being configured; then you also need sso-saml2.war)Tomcat/webapps/conf/serverscripts/groupsandrole.js
Tomcat 10 (ADPOINT X1 and later)
...
.
...
Tomcat/webapps/conf/sso-saml.yml:
| Code Block |
|---|
adpoint-launch-url: /adpoint/pages?jwt=
metadata-uri: https://login.microsoftonline.com/aaaabbbb-cccc-dddd-eeee-ffff12345678/federationmetadata/2007-06/federationmetadata.xml?appid=11111111111111111111 |
The last URL is a Federation Metadata URL received from a customer
...
Tomcat/webapps/conf/sso-saml2.yml (only if the 2nd app is being configured; then you also need sso-saml2.war)
...
Tomcat/webapps/conf/serverscripts/groupsandrole.js
Troubleshooting
Log file
Tomcat/logs/sso-saml.log
Missing groups
Check if on Adpoint's final SSO webpage you can see groups in Authentication Attributes. If not ask a customer to add the groups attribute in:
...