Azure AD as SSO Provider - Add a Single Sign-On (SSO) app
In this article, we will explain how to set up an application with a single sign-on option.
In this example, we will add a Wordpress app trough Azure with a password-based single sign-on.
- Go to portal.azure.com
- Go to the “Azure Active Directory” and click on “Enterprise applications”.
At the page that opened, you can add your own application or select one from the list. In our case, the Wordpress app already exists, and we can add in trough the list.
- At the right of the screen, when you have selected the application, click “Add”.
Now you will be redirected through the dashboard of that application.
- At this page, click on “Single sign-on” at the menu on the left.
Here you can choose a type of sign-on ability. The one we are adding only supports Password-based sign-on.
- Click on “Password-based”. After that, click “Save”, on the top left.
- A new window will open, click “Save” at the top.
We have now added the application to your database of Azure.
- Go back to the “Azure Active Directory” and from there, choose “App registrations”.
- From this list, select the application we’ve just added. This will open a new screen.
- At this list, click on “View all quick start guides”.
Here you can choose an option for Microsoft Graph API to identify users with. For our implementation we use ASP.NET.
- Click on “ASP.NET”.
- Then click on “Make this change for me”. A pop-up window will show up, click on “Make updates”.
Now we need to grant permission as an admin for this application to make the connection.
- On the left menu, click on “API permissions”. This will open a new screen.
- On this screen, select “Grant admin consent for (user)”. Then confirm your input at the pop-up message on the top of the screen.
- Now, from the menu on the left, go to “Overview”. Here you will find the Application (client)ID. Copy this serial code.
We are done in Azure, now we must add the application in the dashboard of your Workspace 365.
- At the workspace dashboard, click on the app market. From there, choose “New App” and click on “Azure app”.
This will open a new window, where you need to provide information about the application you want to add.
- Provide the app with a name.
- The first part of the SSO URL is already provided. At the last part, first type application/ and after the forward-slash, provide the Application ID you copied from Azure, as seen in the screenshot.
Important: Dont include the ?TenantID=XXX, this results in the change credentials is not working
- Click “Save and Back”.
Now you need to add the application to the dashboard.
- Click on Add tiles, then choose the app and click on “Add to workspace”.
The app will be shown on the dashboard.
- Click on the application, this will open a new screen.
If this is the first app you have added with a password-based sign-on option, you need to install a plugin that stores the username and password.
- Click on “Install now”.
This will open a new page, where you have to confirm the installation.
When this is done, you can close the page that opened for the installation of the plugin. Now you will see the screen that asks for the user login information for Wordpress. You only have to provide this information once, after this, it will automatically start up a signed-on Wordpress session when you click on the app on the workspace.
If this will not show up, clear your cookies.
After you’ve provided the login information, a Wordpress session will start.