Omnilert can be configured to manage subscriber logins using Shibboleth / SAML. A non-federated SAML connection can be allowed using Microsoft's hosted Azure service.
Please see the attached PDF instructions for a walk-through.
This step-by-step guide will help you to configure Azure AD to act as an Identity Provider, allowing your subscribers to log in with their Active Directory username/password.
UPDATE TO INSTRUCTIONS:
Page 5 (Step 9) of the instructions shows multiple "Reply URL" options.
When setting up SAML on Azure, the "Reply URL" (ACS) should be set to:
https://shibboleth.omnilert.net/Shibboleth.sso/SAML2/POST
Admin SSO (Optional)
Typically, the single sign-on logins are used by subscribers only, with admins logging in directly to Omnilert.
However, Omnilert can allow admins to log in via SAML SSO. Enabling this added feature requires the release of an additional SAML attribute ('AD-omnilertMail') in your claims.
Please see the following article for details:
Single Sign-On: Admin logins via Shibboleth/SAML
Note: These instructions are provided as a general-purpose guide only. Omnilert cannot provide direct assistance with third-party systems such as Azure. Please consult with your local Azure administrator for specific information regarding your institution's policies and procedures.
Comments
1 comment
UPDATE:
When setting up SAML on Azure, the "Reply URL" (ACS) should be set as:
Please sign in to leave a comment.