Overview
In this article, users will learn how to integrate ERIN's platform with Microsoft's Azure Active Directory.
1. Create an Azure AD enterprise application
1.1. Open Azure Active Directory
Navigate to the Azure Portal. On the right side menu, choose “Azure Active Directory” (Fig. 1a).
Figure 1a
If no such service exists, open “All services” and type “Azure Active Directory” (Fig. 1b).
Figure 1b
1.2. Create a New Enterprise Application
In the Active Directory menu, choose “Enterprise applications” (Fig. 1c).
Figure 1c
In the section you just opened, choose “New Application” (Fig. 1d).
Figure 1d
Under "Add your own app", select the “Non-gallery application” type (Fig. 1e).
Figure 1e
Type “ERIN” as the name of your application and press “Add”. Now, your Azure AD enterprise application has been created (Fig. 1f).
Figure 1f
2. Connect your Application to AWS User Pool
2.1. Setup Single Sign-On
In your Azure AD enterprise application, choose the “Single sign-on” section. In the dropdown list, choose “SAML-based Sign-on” (Fig. 2a).
Figure 2a
2.2. Input AWS URLs
In the section “Domain and URLs”, input the following information.
2.2.a. Identifier
- The Identifier contains your User Pool ID (from AWS) and is built with the following pattern.
- ERIN CUSTOMER SUCCESS WILL SEND YOUR IDENTIFIER.
2.2.b. Reply URL
- The Reply URL is where the application expects to receive the authentication token (Fig. 2b).
- This is also referred to as the “Assertion Consumer Service” (ACS) in SAML. It should follow the pattern.
- ERIN CUSTOMER SUCCESS WILL SEND YOUR REPLY URL.
Figure 2b
2.3. Download SAML File
Save your changes and download the SAML File by clicking "Metadata XML" (Fig. 2c).
Figure 2c
SEND YOUR METADATA XML FILE TO YOUR CUSTOMER SUCCESS REP.
3. Add Users to your Application
In your Azure AD select “Enterprise applications” and choose your application. Select “Users and groups”->“Add user” (Fig. 3a).
Figure 3a
Invite new users or select from existing ones. These users will be able to log in to your application with this Azure AD account. When you finish adding a user, select “Assign” (Fig. 3b).
Figure 3b
4. Conclusion
This concludes ERIN's integration with Azure AD. At the end of this section you should have the following.
- SAML file in XML format
- user(s) to log in