Whilst Assertiv is often used to single sign-on to other applications, it can also be configured to allow users to use their Azure credentials to sign onto Assertiv.
- To log into Assertiv with an Azure AD user, the user must already exist in Assertiv.
- Azure AD must store the username of the Assertiv user in an attribute. This Azure AD attribute will be used to map the Azure user to the Assertiv user.
Log into your Azure Active Directory tenancy with an Administrative User. Navigate to the Enterprise Applications section.
Select New application then click Create your own application.
Enter a name for the applications then ensure the Integrate any other application you don't find in the gallery radio option is checked.
Navigate to the Set up single sign on section then select SAML.
Click on Edit next to Basic SAML Configuration.
For Identifier (Entity ID) enter the following: assertiv
For Reply URL (Assertion Consumer Service URL) enter the following: https://<yourorgname>.assertiv.com/saml2/sp
Replace <yourorgname> with your Organization's name. E.g. https://acme.assertiv.com/saml2/sp
The rest of the fields can be optionally configured. Click Save to continue.
Click Edit next to User Attributes & Claims.
Update the Unique User Identifier (Name ID) entry to map to the Azure AD attribute which contains the username of the user which exists in Assertiv.
Save to continue.
Download the Base64 certificate and open in a text editor.
Copy the Azure AD Identifier.
Log into Assertiv with an Administrative user, navigate to Organization Settings then SAML Security.
Copy in the Azure AD Identifier into the SAML Identity Provider Issuer field.
Copy the contents of the Base64 certificate into the Public Signing Certificate (PEM) field.
Back in Azure AD, assign access to the Assertiv application so your users can access this application.
After completing this step you are ready to test SSO. Click on Set up single sign on and at the bottom, click on Test single sign-on with Assertiv.
This will allow you to log in to Assertiv with an Azure user. If this passes, you are able to now use Azure to log into Assertiv.