Creating an Azure Application

In order to connect an Azure as an identity provider for File Access Manager, you must first create a dedicated application in Azure.

  1. In Microsoft Azure, navigate to the Portal.

  2. Go to “Enterprise applications” (You can search for it on the searchbar, and click on it).

  3. Select + Create your own application.

  4. Fill the following fields:

    What's the name of your app?

    Free text

    What are you looking to do with your application?

    Integrate any other application you don't find in the gallery

  5. Select Create.

  6. Select the Single sign-on option in the navigation menu located on the left side of the screen.

  7. Select SAML.

  8. In the Basic SAML Configuration panel, click Edit.

  9. Fill the following fields with the following data:

    Identifier (Entity ID)

    This should be entered with https:// and can be the address of the VM - this data will be used in the Server Installer during installation of the SAML option.

    Delete the default value identifier.

    Select the created identifier as default by checking the checkbox.

    Reply URL (Assertion Consumer Service URL)

    https://[SERVER_NAME]/siqapi/login/AssertionConsumerService

    Where SERVER_NAME is the VM where the File Access Manager website is installed

    Select Save.

  10. In the User Attributes & Claims, select Edit.

    1. Within Required Claim, click on the Claim name on the top.

    2. Click on the Choose name identifier format dropdown list, and select Unspecified.

    3. Look at the selected value within the Source Attribute dropdown.

      Verify that the selected value is “user.userprincipalname”.

    4. Select Save.

  11. Close the currently displayed window (click on the X).

  12. Select Properties.

  13. Verify that “User assignment required?“ is set to No.

  14. Select Single sign-on > Test this application.

The Azure application is now set and the following data will be needed during the installation of the FAM with the SAML 2.0 version.

  • Entered Identifier, from the Basic SAML Configuration panel

  • The link to the Federation metadata document – copy the value within “App Federation Metadata Url“ in the third frame