You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 7 Current »

SAML SSO Configuration Steps

1. Install Joget SAML Plugin and Obtain ACS URL

  1. Install the Joget SAML Plugin from the Joget Marketplace.
  2. In the Joget System Settings > General Settings, set API Domain Whitelist   to * (IMPORTANT NOTE: If this is not set, you will get a 400 Forbidden error when performing the SSO)
  3. In the Joget System Settings > Directory Manager, select the Joget SAML Plugin.
  4. In the Joget SAML Plugin configuration, copy the Entity ID and ACS URL. (IMPORTANT NOTE: Azure AD requires the ACS URL to be HTTPS so your Joget installation must be running under HTTPS )

2. Configure Azure Active Directory for SAML

  1. Sign in to the Azure portal, and navigate to Azure Active Directory > Enterprise applications  
  2. Select New application, Non-gallery application, and add an application. 
  3. Select the application, select Set up single sign-on , then select SAML
  4. Under Basic SAML Configuration, select the Edit pencil icon and key in the Joget SAML Entity ID and ACS URL copied earlier, then Save

  5. Edit User Attributes & Claims, and configure the claims

    Claim Name

    Value

    Unique User Identifier (Name ID)

    user.userprincipalname

    email

    user.mail

    User.FirstName

    user.givenname

    User.LastName

    user.surname

  6. Under SAML Signing Certificate, download the Certificate (Base64). This certificate file will be used to configure the Joget SAML Plugin later.

  7. Select the Users and groups menu item on the left, and add the users allowed to access Joget. You may add yourself to the listing so that you can test the login later.


3. Configure SAML IDP Certificate in the Joget SAML Plugin

  1. Open the downloaded certificate file and copy the contents into the IDP Certificate field in the Joget SAML Plugin configuration (NOTE: copy without the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- lines) 

** Select "User Provisioning Enabled" if you want to synchronize the user from the AD automatically. Otherwise, user needs to be manually created in Joget Users setup.

4. Test the SAML SSO

  1. Access the Azure My Apps Portal, click on the application, and select the user to perform the SSO. 

  2. If the SSO configuration is correct, the current user will be logged into Joget.


Source Code

This plugin source code is available in a new open source repository at https://github.com/jogetoss/. JogetOSS is a community-led team for open source software related to the Joget no-code/low-code application platform. Projects under JogetOSS are community-driven and community-supported, and you are welcome to contribute to the projects.

References

  1. https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/configure-single-sign-on-non-gallery-applications
  2. https://dev.joget.org/community/display/DX7/Joget+SharePoint+SSO+Integration




  • No labels