This article is intended to guide technical users through the process of configuring GeoCivix to authenticate users using Azure Active Directory. In order to complete this guide you'll need to have an administrative account for GeoCivix and an administrative account for Azure Active Directory setup in advance.
TABLE OF CONTENTS
Step 1: Configure Azure
- Login to your Azure portal and click "Azure Active Directory".
- In the left navigation click "Enterprise Applications".
- Click to add a "New Application".
- Click to "Create your own application".
- Enter "GeoCivix" as the name of the application and select to integrate a Non-Gallery application.
- Click to "Set up single sign on".
- Select the "SAML" single sign on method.
- In step 1 of the setup screen click the "Edit" button.
- Add an Identifier (Entity ID) and set it to "GeoCivix". Next, add a Reply URL and set it to "https://{YourPortalSubDomain}.geocivix.com/sso/saml/azure/". Then click the "Save" button at the top left, then the "X" icon to close the window.
- In step 2 of the setup screen ensure that you have an "emailaddress" claim setup. If you don't have this you may need to click the edit button and add it as seen below.
- In step 4 of the setup screen record the Login URL for later use.
- Next we need to add users to our new application. Click "Users and Groups" in the left navigation menu then click to "Add user/group".
- Click the "None selected" option, then in the right pane, select the users (or groups) that you wish to add. Once your selections have been made click the "Select" Button at the bottom.
- Once the selections have been made click the "Assign" button at the bottom of the page.
Step 2: Configure GeoCivix
- Navigate to your GeoCivix portal and Sign In.
- In the navigation menu click "Site > Configuration".
- Expand the "Site Configuration" section, Select "Enable SAML Authentication: Yes", and then make the following entries then click "Submit" at the bottom of the page.
- SAML Entity ID: GeoCivix
- SAML Login URL: {copied from Azure in a previous step}
- SAML Response Parameter: SAMLResponse
- SAML Reply URL: /sso/saml/azure/
- In the navigation menu, select "Site > Users".
- Search for a user that has access to authenticate via Azure using their email address and click Search (this should be yourself in order to test authentication).
- In the search results, click the user's name.
- Scroll to the bottom of the user's profile and expand the section labeled "Subscriptions" then click on the title of your portal.
- On the subscription detail page, change the login method to "SAML" and click Submit.
- NOTE: You will have to change the Login Method for each user that you wish to enforce SAML authentication for.
Step 3: Test Authentication
- Navigate to your GeoCivix portal and click Sign In (you may need to sign out if you're already signed in).
- Enter the email address of a user that has permission to authenticate over Azure AD and then press tab or click the cursor into the password field in order to un-focus the email field. The system will automatically forward you to the Azure AD login page if the email address entered is found and set to authenticate over SAML.
- If you're already logged into Azure, you may be sent directly to the application and find yourself logged in. Otherwise you may be asked to login to Microsoft and the steps here may vary depending on your configuration. Follow the on screen steps for authentication.
- After successfully authenticating with Microsoft, you should be returned to your GeoCivix portal and see that you're now logged in.
- If you experience any difficulty or are not successfully logged into the application, please contact support@geocivix.com .
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article