Setup SAML Authentication With Azure SSO
To configure SSO, you need:
- An Azure AD user account. If you don't already have one, you can create an account for free.
- One of the following roles: Global Administrator, Cloud Application Administrator, Application Administrator, or owner of the service principal.
- Completion of the steps in Quickstart: Create and assign a user account.
To add Azure Active Directory SSO to your SmartFile account:
- Go to your Azure portal.
- On the left, select “Azure Active Directory.”
- Select “Enterprise Applications.”
- Click on “+ New Application.”
- Search for “SmartFile” in the “Add from the gallery” search box. Select the service in the dropdown menu.
- Click “Add.”
- Navigate to the “Enterprise applications” tab and select “SmartFile.”
- In the “Users and groups” section, select “+Add user.”
- Select the “Users and groups” section and select users that you would like to be able to sign in with Azure SSO. Click the “Select” button at the bottom to confirm.
- Click “Assign” when finished.
- In the “Single sign-on” section, select “SAML.”
- Fill out the following fields:
  - Identifier (Entity ID): This will be your custom domain. DO NOT INCLUDE https://
  - Reply URL (Assertion Consumer Service URL): Your entity ID + ‘/saml2/acs/’.
  - Click “Show advanced URL settings”. Sign on URL: Your entity ID + ‘/ftp/login/’.
- If the “Status” of the certificate in this section is not active, be sure to activate it with the “Make new certificate active” check box.
- Save the form.
- In step 4 (SAML Signing Certificate), copy the “App Federation Metadata Url.” Go to that URL, then save that file as “sitename_saml_azure.xml.”
- Sign into your SmartFile account.
- For each user assigned to Azure sign-in, create a SmartFile user whose username and email are both the email address used in Azure, and set the sign-on method to “SSO”.
- Send “sitename_saml_azure.xml” in a support ticket to email@example.com
- SmartFile will add this file to your account.
- When you go to your site’s sign in page, there should now be a “Single Sign-On” button. Users will click on this button and be signed into SmartFile through Azure to their given account.
- If a user gets a page saying that the account does not exist, ensure that the user’s email is set as the SmartFile user’s username and email.