Azure AD Configuration
To configure Azure SSO with your SolarWinds Service Desk account you will need to access both Azure Service Portal and the SolarWinds Service Desk App.
The instructions below cover all aspects of the configuration process:
Step 1 - Add the SolarWinds App to your Azure Active Directory
- Navigate to Azure Active Directory and click on Enterprise Apps
- Click New Application and search for SolarWinds
- Select the SolarWinds App and click Add
Step 2 - Basic SAML Configuration in Azure
- From Azure Active Directory, in the SolarWinds App, click Single Sign-On
- Select SAML
- In the Basic SAML Configuration section click on the pencil icon.
- Enter the requested information
- Identifier - SAManage.com
https://[ACCOUNT NAME].samanage.com/saml/[ACCOUNT NAME]
- https://app.samanage.com/saml/[ACCOUNT NAME]
Sign On URL - https://app.samanage.com/saml_login/[ACCOUNT NAME]
This information can be copied from your SWSD (Samanage) account by navigating to Setup > Users & Access > Single Sign-on.
Check the box Enable Single Sign On with SAML
- Copy the link in the Login URL
- Click Save
If you are using domain mapping, you may need to replace [ACCOUNT NAME].samanage.com with the updated domain that you have setup under Setup > Service Desk > Domain Mapping.
Step 2 extension - Basic SAML Configuration in Azure with METADATA
MetaData can be used to populate some of the information in the Basic SAML Configuration section. to obtain the necessary information:
Download your account Metadata use the following link: https://[ACCOUNT NAME].samanage.com/saml/metadata
- Enter the URL provided into a web browser
- Save to your computer
- Keep the .xml file for future use
- In Azure Active Directory, select the pencil icon and edit the Basic SAML Configuration
- Click Upload Metadata File and select the metadata .xml you saved to your computer
- Click Add
- Verify the Identifier and Reply URL
Add the Sign-on URL using the following link:
This can be copied from your Samanage Account by navigating to Setup > Users & Access > Single Sign-on
Check the box Enable Single Sign-On with SAML.
Copy the link in the Login URL
- Click Save
Once you have configured SAML Configuration with/out Metadata, look below for how to complete the Azure Active Directory Configuration
Step 3 - Final Setup
- In Azure Active Directory - download the certificate (base 64) from the SAML Signing Certification section.
- Copy the Login and Logout URL (for later use).
- In SWSD (Samanage) - Navigate to Set up > Account > Single Sign-On
- Select the checkbox labeled Enable Single Sign-On with SAML.
- In the Identity Provider URL field, paste in the Login URL copied from Azure.
- In the Logout URL field, paste the Logout URL copied from Azure
- Verify that the SAML Issuer is SolarWinds
- Paste the Azure certificate
- Open the Certificate (Base 64) in a text editor.
- Select All the text and copy into SolarWinds
- If you wish to add additional users, select Create users if they do not exist.
- Once selected, any user that authenticates via SSO that is not a registered user in SolarWinds, will be added with Requester permissions.
- The last option is to select Redirect to the saml login page when logging into SolarWinds Service Desk by default
- During initial configuration and testing, we recommend leaving this check box unmarked.
- The final step os to add users to the application.
- In Azure, navigate tot SolarWinds and click Users & Groups
- Via the Add User button, add all users and/or groups that require the ability to login into SolarWinds.
Step 4 - Just In-Time Provisioning
If you select Just In-Time Provisioning Support, click to check the Create users if they do not exist option to create SSO authenticated users on the SWSD.