Azure Active Directory SAML Configuration (2020)
- In Azure, search for "Enterprise applications".
- On "Enterprise applications", click "New application". Then click "Non-gallery application".
- Enter any name you like in the name field (I named it "TestSaml") and press "Add".
- On your app page select "Single sign-on" and then select "SAML"
- You should see SAML settings and configurations. You will need "Certificate" (base64), "Login URL (Azure)" and "Azure AD Identifier"
- Go to Rubex -> Hamburger menu -> Admin -> Settings -> Single Sign-On Settings -> Create Saml Configuration.
  - Name: Whatever you like
  - Issuer: Copy contents of "Azure AD Identifier"
  - Entity ID: Whatever valid URL you like
  - Saml Endpoint: "Login URL (Azure)"
  - Certificate: Load "Certificate" file
- Click Create/Update. You will need "Login URL (Rubex)"
THIS URL SHOULD BE HTTPS!!! Otherwise, it will not work with Azure
- Go back to Azure app settings.
  - Identifier (Entity ID): Put the same Entity ID as in Rubex
  - Reply URL: Copy "Login URL (Rubex)"

  Save everything. You can also press the Test button to test authentication from the Identity Provider side.
- To add users to Active Directory, search for "Users" in the top search bar.
- To add groups to Active Directory, search for "Groups" in the top search bar. Set the type to "Security" and add some users during creation.
- To add users to the SAML application, go back to the Enterprise application, select "Users and groups" and add existing AD users.
- To import groups, select "Single Sign-on" -> "User attributes & claims".
- Then click "add a group claim", check "Customize the name...", and set Name to "groups" or something else. The namespace should be empty. Check the different "Source attribute" values, because the ID option returns the group ID, not a readable name. Save everything.
- Enter the same name ("groups") in the Rubex SAML settings.
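
To confirm that the values entered on both sides line up, the following added example (not code from Rubex or Azure) compares a decoded assertion against the configured Issuer, Entity ID, Reply URL and group claim name. The tenant ID, the `rubex.example.com` URLs and the sample assertion are constructed placeholders; the check is a diagnostic only and does not verify the assertion's signature.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed placeholders for the values entered in Azure and Rubex.
EXPECTED = {
    "issuer": "https://sts.windows.net/00000000-0000-0000-0000-000000000000/",  # Azure AD Identifier
    "entity_id": "https://rubex.example.com/entity",      # Entity ID (same on both sides)
    "reply_url": "https://rubex.example.com/saml/login",  # Login URL (Rubex), hypothetical
    "group_claim": "groups",                              # customized group claim name
}

# Constructed, unsigned assertion used only to exercise the checks.
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Issuer>https://sts.windows.net/00000000-0000-0000-0000-000000000000/</saml:Issuer>
  <saml:Subject><saml:SubjectConfirmation>
    <saml:SubjectConfirmationData Recipient="https://rubex.example.com/saml/login"/>
  </saml:SubjectConfirmation></saml:Subject>
  <saml:Conditions><saml:AudienceRestriction>
    <saml:Audience>https://rubex.example.com/entity</saml:Audience>
  </saml:AudienceRestriction></saml:Conditions>
  <saml:AttributeStatement><saml:Attribute Name="groups">
    <saml:AttributeValue>11111111-1111-1111-1111-111111111111</saml:AttributeValue>
  </saml:Attribute></saml:AttributeStatement>
</saml:Assertion>"""

def check_assertion(xml_text, expected):
    """Return a list of mismatches between an assertion and the configured values."""
    root = ET.fromstring(xml_text)
    problems = []
    if urlparse(expected["reply_url"]).scheme != "https":
        problems.append("reply URL is not HTTPS")
    issuer = root.findtext(".//saml:Issuer", default="", namespaces=NS).strip()
    if issuer != expected["issuer"]:
        problems.append(f"issuer mismatch: {issuer!r}")
    audiences = [a.text.strip() for a in root.iterfind(".//saml:Audience", NS) if a.text]
    if expected["entity_id"] not in audiences:
        problems.append(f"Entity ID not in audience list: {audiences}")
    recipients = [d.get("Recipient") for d in root.iterfind(".//saml:SubjectConfirmationData", NS)]
    if expected["reply_url"] not in recipients:
        problems.append(f"Reply URL not a recipient: {recipients}")
    groups = [v.text for a in root.iterfind(".//saml:Attribute", NS)
              if a.get("Name") == expected["group_claim"]
              for v in a.iterfind("saml:AttributeValue", NS)]
    if not groups:
        problems.append(f"no values for group claim {expected['group_claim']!r}")
    return problems
```

An empty list means the assertion matches the configuration; each string in a non-empty list names the field to recheck in Azure or Rubex.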