SimpleMDM integrates with Microsoft Azure using the Security Assertion Markup Language (SAML) standard. This guide will explain how to designate an Azure account as a trusted identity provider (IdP) for authenticating administrators of your SimpleMDM account.
As the Microsoft Azure user interface may change, this guide has been written to provide a general process for getting up and running.
In SimpleMDM:
- Navigate to Settings > Users.
- Click the 'Settings' tab.
- Under the 'Single Sign On with SAML' section, select "Yes" to enable SAML.
- In the Short Name field, enter your company name (must be one word - no spaces or special characters).
- Click 'Save'. The fields under 'SimpleMDM Information' will automatically populate.
In Azure:
- Navigate to Enterprise Applications.
- Click 'Add a non-gallery application'.
- Select 'Single sign-on'.
- Select 'SAML'.
- Copy the value in the 'Audience' field in SimpleMDM and enter it in the 'Identifier (Entity ID)' field in the Azure settings.
- Copy the 'SimpleMDM SAML Consumer URL' from SimpleMDM and enter it in the 'Reply URL' field in Azure.
- Copy the 'SimpleMDM Single Logout URL' from SimpleMDM and enter it in the 'Logout URL' field in Azure.
Back in SimpleMDM:
- Copy the 'Login URL' value from Azure and enter it in the 'Endpoint URL' field in SimpleMDM.
- Copy the 'Thumbprint' value from Azure and enter it in the 'X.509 fingerprint or certificate' field in SimpleMDM.
- Copy the 'Logout URL' value from Azure and enter it in the 'Single Logout URL' field in SimpleMDM.
- Save the settings.
Once complete, test the connection in the Azure settings to ensure the setup was successful.
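The thumbprint and endpoint URL are what SimpleMDM will trust, so it is worth checking the pasted values against the application's federation metadata XML before relying on the connection. The following is an added example, not code from SimpleMDM or Microsoft. It assumes the Azure 'Thumbprint' is the hex SHA-1 digest of the DER-encoded signing certificate; the function names, the `idp.example` URL and the sample metadata are constructed for illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {"md": "urn:oasis:names:tc:SAML:2.0:metadata",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

def normalize(fp):
    """Drop separators and case so 'ab:cd' and 'ABCD' compare equal."""
    return "".join(c for c in fp if c.isalnum()).upper()

def signing_thumbprints(root):
    """SHA-1 thumbprints of each IdP signing certificate in the metadata."""
    prints = []
    for kd in root.findall("md:IDPSSODescriptor/md:KeyDescriptor", NS):
        if kd.get("use", "signing") != "signing":
            continue  # encryption-only key, not used to sign assertions
        for cert in kd.findall(".//ds:X509Certificate", NS):
            der = base64.b64decode("".join(cert.text.split()))
            prints.append(hashlib.sha1(der).hexdigest().upper())
    return prints

def check_idp_settings(metadata_xml, pasted_thumbprint, endpoint_url):
    """Return a list of problems; an empty list means the values match."""
    root = ET.fromstring(metadata_xml)
    problems = []
    if normalize(pasted_thumbprint) not in signing_thumbprints(root):
        problems.append("thumbprint matches no signing certificate")
    sso = [s.get("Location") for s in
           root.findall("md:IDPSSODescriptor/md:SingleSignOnService", NS)]
    if endpoint_url not in sso:
        problems.append("endpoint URL is not a SingleSignOnService location")
    if not endpoint_url.lower().startswith("https://"):
        problems.append("endpoint URL is not HTTPS")
    return problems

# Constructed sample: placeholder bytes stand in for the DER certificate.
SAMPLE_DER = b"constructed placeholder, not a real certificate"
SAMPLE_THUMBPRINT = hashlib.sha1(SAMPLE_DER).hexdigest()  # value the IdP shows
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="{NS['md']}">
 <IDPSSODescriptor>
  <KeyDescriptor use="signing"><KeyInfo xmlns="{NS['ds']}"><X509Data>
   <X509Certificate>{base64.b64encode(SAMPLE_DER).decode()}</X509Certificate>
  </X509Data></KeyInfo></KeyDescriptor>
  <SingleSignOnService Location="https://idp.example/saml2"/>
 </IDPSSODescriptor>
</EntityDescriptor>"""
if __name__ == "__main__":
    print(check_idp_settings(SAMPLE_METADATA, SAMPLE_THUMBPRINT, "https://idp.example/saml2"))
```

To use it on a real tenant, pass the contents of the downloaded metadata file together with the exact strings entered in the 'X.509 fingerprint or certificate' and 'Endpoint URL' fields.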