Azure Setup

Create the Integration Gateway Enterprise Application

From the Azure Active Directory overview page, select Enterprise applications from the left-hand panel.

Click New Application at the top.

Click Create your own application at the top.

Provide a name and select Integrate any other application you don’t find in the gallery (Non-gallery). Click Create at the bottom of the page.

Click 2. Set up single sign on under Getting Started, or select Single sign-on from the left-hand panel.

Select SAML.

Provide Integration Gateway's metadata to Azure

The Integration Gateway environment SAML metadata will be required for the next step.

Integration Gateway always serves its metadata at https://(custom domain)/sso/saml2/metadata/. If this user is also an Integration Gateway administrator, the metadata URL will be displayed on the Admin site under SAML Configs.

At the top, select Upload metadata file. Select the appropriate file and upload.

Click Save at the top.

Add an email claim

We need to add a claim to the SAML configuration in Azure so that the user’s email address is sent to Integration Gateway in an attribute named “email” rather than under some other name.

On the application SAML-based Sign-on page, in section 2 Attributes & Claims click Edit.

Click Add new claim at the top.

Enter email in the Name field. For Source Attribute select user.mail. Click Save in the top-left.

Depending on the organization’s Azure configuration, the user email field name may differ.
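To confirm the claim arrives under the expected name, the following added example (not Integration Gateway or Azure code) inspects a decoded SAML assertion from a test sign-in and reports whether it carries an attribute named email. It assumes the assertion is unencrypted and has already been base64-decoded; the sample assertions and the function name are constructed for illustration.

```python
import xml.etree.ElementTree as ET

SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Claim name Azure uses for user.mail by default, before a custom "email" claim is added.
AZURE_DEFAULT_EMAIL = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"


def check_email_claim(assertion_xml: str) -> dict:
    """Report whether a decoded SAML assertion has an attribute named 'email'.

    Inspection aid only: it does not verify the signature, and ElementTree
    should only be fed XML you captured yourself (use defusedxml otherwise).
    """
    root = ET.fromstring(assertion_xml)
    attrs = {}
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", SAML_NS):
        values = [v.text or "" for v in attr.findall("saml:AttributeValue", SAML_NS)]
        attrs[attr.get("Name")] = values
    email = attrs.get("email", [])
    # Address-like values under other names suggest the claim was not renamed.
    lookalikes = sorted(
        name for name, vals in attrs.items()
        if name != "email" and any("@" in v for v in vals)
    )
    return {
        "ok": len(email) == 1 and "@" in email[0],
        "email": email[0] if email else None,
        "other_email_like": lookalikes,
    }


def _sample(attributes):
    """Build a constructed, unsigned assertion for the demo below."""
    rows = "".join(
        f'<saml:Attribute Name="{n}"><saml:AttributeValue>{v}</saml:AttributeValue>'
        f"</saml:Attribute>" for n, v in attributes
    )
    return (f'<saml:Assertion xmlns:saml="{SAML_NS["saml"]}">'
            f"<saml:AttributeStatement>{rows}</saml:AttributeStatement></saml:Assertion>")


# Constructed samples: before and after adding the "email" claim.
BEFORE = _sample([(AZURE_DEFAULT_EMAIL, "user@example.com")])
AFTER = _sample([(AZURE_DEFAULT_EMAIL, "user@example.com"), ("email", "user@example.com")])

if __name__ == "__main__":
    for label, xml in (("before", BEFORE), ("after", AFTER)):
        print(label, check_email_claim(xml))
```

If `ok` is false and `other_email_like` is not empty, the address is being sent under a different claim name, which matches the note above about organization-specific field names.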

Get Azure SAML metadata for Integration Gateway

On the application SAML-based Sign-on page, in section 3 under SAML Certificates download the Federation Metadata XML.

Alternatively, grab the App Federation Metadata Url instead of downloading the file.

This will be needed on the Integration Gateway side, to add Azure as an IdP. If this user is not an Integration Gateway admin, please provide the file/URL to a Sandbox Banking employee.

Lastly…
