CentreStack is a managed file sync and share solution that supports SAML single sign-on.
Customers on Office 365 already have Azure Active Directory, which also supports SAML single sign-on.
This article shows how to connect CentreStack single sign-on with Azure AD single sign-on.
Step 1 – CentreStack Side Setup
From the tenant administrator management portal, go to Group Policy -> Security -> Single Sign On. The tenant administrator can enable SAML authentication from there.
Step 2 – Capture the Entity ID
On the same page where SAML authentication is enabled, there is a service provider metadata link. Open the link in a web browser to see the Entity ID. Copy the Entity ID and set it aside; it is used in a later step.
Step 3 – Office 365 Admin Center
Every Office 365 organization has an Azure AD implicitly connected to it. The Office 365 administrator can open Azure AD from the portal.
From the Azure AD page, click “Application” first, and then add an application.
For the application, the Sign On URL, App ID and Reply URL can all be set to the Entity ID.
Step 4 – Inspect Azure AD End Points
Azure AD also has metadata information and endpoints that need to be entered on the CentreStack side.
Step 5 – Take Azure AD Parameter back to CentreStack
The SAML-P SIGN-ON ENDPOINT in Azure AD becomes the IdP End Point URL.
The three parameters Email, GivenName and SurName come from the Azure AD metadata.
At the top of the Azure AD endpoints information there is a metadata URL. Open the URL in a web browser and you will see definitions such as name, givenname and surname inside. Copy these definitions into the IdP Email Parameter, Given Name parameter and Surname parameter.
For the last parameter, IdP Meta Data, paste the whole Azure AD metadata document (as shown in the web browser; use View Source) into the IdP Meta Data field.
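As an added example (not part of the original article and not CentreStack or Microsoft code), the Python below reads the Step 5 values out of a federation metadata document rather than copying them by hand, and refuses metadata whose sign-on endpoint is not HTTPS. The sample XML is constructed, TENANT-ID is a placeholder, and mapping the name claim to the Email parameter follows the order given above and is an assumption.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "auth": "http://docs.oasis-open.org/wsfed/authorization/200706"}
CLAIMS = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/"

# Constructed, trimmed sample shaped like Azure AD federation metadata.
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706"
    xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706"
    entityID="https://sts.windows.net/TENANT-ID/">
  <RoleDescriptor protocolSupportEnumeration="http://docs.oasis-open.org/wsfed/federation/200706">
    <fed:ClaimTypesOffered>
      <auth:ClaimType Uri="{CLAIMS}name"/>
      <auth:ClaimType Uri="{CLAIMS}givenname"/>
      <auth:ClaimType Uri="{CLAIMS}surname"/>
    </fed:ClaimTypesOffered>
  </RoleDescriptor>
  <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
        Location="https://login.microsoftonline.com/TENANT-ID/saml2"/>
  </IDPSSODescriptor>
</EntityDescriptor>"""


def extract_idp_settings(metadata_xml):
    """Return the values Step 5 asks for, or raise ValueError if any is unusable."""
    if "<!DOCTYPE" in metadata_xml:
        # Federation metadata has no DTD; a DOCTYPE suggests entity tricks.
        raise ValueError("unexpected DOCTYPE in metadata")
    root = ET.fromstring(metadata_xml)
    sso = root.find(".//md:IDPSSODescriptor/md:SingleSignOnService", NS)
    endpoint = sso.get("Location") if sso is not None else None
    if not endpoint or urlparse(endpoint).scheme != "https":
        raise ValueError("no HTTPS SAML sign-on endpoint in metadata")
    # Index the offered claim types by their short name (last URI segment).
    claims = {c.get("Uri").rsplit("/", 1)[-1]: c.get("Uri")
              for c in root.iterfind(".//auth:ClaimType", NS) if c.get("Uri")}
    missing = {"name", "givenname", "surname"} - claims.keys()
    if missing:
        raise ValueError(f"claim types not offered: {sorted(missing)}")
    return {"entity_id": root.get("entityID"),
            "idp_endpoint_url": endpoint,
            "email_param": claims["name"],  # assumption: name claim -> Email
            "given_name_param": claims["givenname"],
            "surname_param": claims["surname"]}
```
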
We also recorded a video demo. For more information, please visit http://www.centrestack.com