¶ Requirements
To integrate Pyplan with Microsoft AD it will be necessary to create an "Azure enterprice app".
¶ Instructions
¶ Azure Portal Microsoft Azure
Access to https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/RegisteredApps
¶ Create the new app
¶ Assign Users and Groups
¶ SSO configuration
The following section edits the connections between the IDP and Pyplan.
Configure it with the following parameters:
- Identifier (Entity ID)
https://[DNS_CLUSTER_INGRESS]/api/saml2/metadata/?code=[COMPANY_NAME] - Reply URL
https://[DNS_CLUSTER_INGRESS]/api/saml2/acs/?code=[COMPANY_NAME] - Sign On URL
https://[DNS_CLUSTER_INGRESS]/api/saml2/login/?next=[DNS_CLUSTER_INGRESS]&code=[COMPANY_NAME] - Relay State
Empty - Logout URL
https://[DNS_CLUSTER_INGRESS]/api/saml2/ls/?code=[COMPANY_NAME]
¶ SAML Certificates
Edit the Signing Option and the Algorithm
¶ Azure Groups (Optional)
Pyplan allows the possibility to match an azure group with a set of specific permissions within the application to facilitate the tasks of the security team.
For more information: /user-guide/security-options
¶ Configure the Default Role & Department
The next step is to add two "Claims" to the environment with these parameters:
- Namespace:
http://schemas.xmlsoap.org/ws/2005/05/identity/claims - Source attribute for Role&Department:
user.usertype(Consent with the customer)
