Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Login to the Microsoft Azure Management console: https://manage.windowsazure.com or https://portal.azure.com with your Azure global administrator account

  2. Use the information below to complete the single sign-on fields:

    Warning

    Do not include the curly brace { } surrounding the tenant name in the URLs below.

     


    1. AP ID URI:
      1. Cloud Customers should use
        Info
         
    2. SIGN-ON URL
      1. You will need the Azure tenant ID, the client id and client secret key that are created for the frevvo application when configuring your

        Frevvoproduct
        Azure SAML tenant.

Expand
titleClick here for some more tips....
  1. Login to the Microsoft Azure Management console: https://

...

  1. manage.

...

  1. windowsazure.com or https:

...

  1. /

...

For example, if you were changing the Security Manager from the Default Security Manager to the Azure SAML Security Manager for a frevvo Cloud tenant named mycompany.com,the AP ID URL would be:

  1. /portal.azure.com with your Azure global administrator account
  2. Click on Azure Active directory link present on the left side of the screen.
  3. Click on App Registrations link.
  4. Click on New application registration link for creating a new application.
  5. Enter the following details:
    1. Name:- Name of your frevvo Azure application
    2. Select who can use this application or access this API
  6. Configure the Redirect URL:
    1. Cloud Customers should use https://app.frevvo.com:443/frevvo/web/saml/SSO/alias/

...

    1. {t} - replace {t} with name of your frevvo tenant.

      Info

      For example, if you were changing the Security Manager from the Default Security Manager to the Azure SAML Security Manager for a frevvo Cloud tenant named mycompany.com, the REPLY URL would be:

      https://app.frevvo.com:443/frevvo/web/saml/SSO/alias/mycompany.com 

    2. On-premise customers should use http://<server>:<port>/frevvo/web/saml/SSO/alias/{t} - replace <server> with the ip of your server, <port> with the port number (if applicable) and

...

    1. t

...

    1. with the name of your frevvo in-house tenant.

      Info

      For example, if you were changing the Security Manager from the Default Security Manager to the Azure SAML Security Manager for a frevvo in-house tenant named mycompany.com, the

...

    1. REPLY URL would be:

      https://<server:port>/frevvo/web/saml/SSO/alias/mycompany.com 

...

    1. Click Register.
  1. Select the frevvo application from the list.
  2. Click the Branding tab
  3. Configure the Home Page URL:
    1. Cloud Customers should use https://app.frevvo.com:443/frevvo/web/

...

    1. tn/

...

    1. {t}/login - replace {t} with the name of your frevvo Cloud tenant.

      Info

      For example, if you were changing the Security Manager from the Default Security Manager to the Azure SAML Security Manager for a frevvo Cloud tenant named mycompany.com, the

...

    1. SIGN-ON URL would be:

      https://app.frevvo.com:443/frevvo/web/

...

    1. tn/

...

    1. mycompany.com

...

    1. /login

    2. On-premise customers should use http://<server>:<port>/frevvo/web/

...

    1. tn/

...

    1. {t}/login - replace <server> with the ip of your server, <port> with the port number (if applicable) and t with the name of your frevvo in-house tenant.

      Info

      For example, if you were changing the Security Manager from the Default Security Manager to the Azure SAML Security Manager for a frevvo in-house tenant named mycompany.com, the

...

    1. SIGN-ON URL would be:

      https://<server:

...

    1. port>frevvo/web/

...

    1. tn/

...

    1. mycompany.com

...

Cloud Customers should use https://app.frevvo.com:443/frevvo/web/tn/{t}/login - replace {t} with the name of your frevvo Cloud tenant.

...

For example, if you were changing the Security Manager from the Default Security Manager to the Azure SAML Security Manager for a frevvo Cloud tenant named mycompany.com, the SIGN-ON URL would be:

    1. /login


    2. Click Save.
  1. Click on the API Permissions tab.
    1. Click Add a Permission
    2. Select Azure Active Directory Graph from the Supported legacy APIs section
    3. For Application Permissions, select Read and write directory data (under Directory)
    4. For Delegated Permissions, select Sign in and read user profile (under User) AND Read directory data under (under Directory)
    5. Click on the Grant Permissions button select "Yes" option  and click on the Save button.
  2. Click on the Expose an API tab.
    1. Configure the AP ID URI
      1. Cloud Customers should use https://app.frevvo.com:443/frevvo/web/

...

      1. alias/{t}

...

      1. - replace {t} with the name of your frevvo

...

      1. Cloud tenant.

        Info

        For example, if you were changing the Security Manager from the Default Security Manager to the Azure SAML Security Manager for a frevvo

...

      1. Cloud tenant named mycompany.com,the

...

      1. AP ID URL would be:

        https://

...

      1. app.frevvo.com:443/frevvo/web/

...

Expand
titleClick here for some more tips....
  1. Login to the Microsoft Azure Management console: https://manage.windowsazure.com or https://portal.azure.com with your Azure global administrator account
  2. Click on Azure Active directory link present on the left side of the screen.
  3. Click on App Registrations link.
  4. Click on New application registration link for creating a new application.
  5. Enter the following details:
    1. Name:- Name of your frevvo Azure application
    2. Application type:-Web app/API
    3. SIGN-ON URL - Refer to Step1 - Create an Application for Live Forms in Azure for an example.
      1. Cloud Customers should use https://app.frevvo.com:443/frevvo/web/tn/{t}/login - replace {t} with the name of your frevvo Cloud tenant.

      2. On-premise customers should use http://<server>:<port>/frevvo/web/tn/{t}/login - replace <server> with the ip of your server, <port> with the port number (if applicable) and t with the name of your frevvo in-house tenant.

  6. Click on the Settings link then click on the Properties link.
  7. Configure the App ID URL and Home page URL as follows:
    1. AP ID URI: - Refer to Step1 - Create an Application for Live Forms in Azure for an example.
      1. Cloud Customers should use https://app.frevvo.com:443/frevvo/web/alias/{t} - replace {t} with the name of your frevvo Cloud tenant.

      2. On-premise customers should use http://<server>:<port>/frevvo/web/alias/{t} - replace <server> with the ip of your server, <port> with the port number (if applicable) and t with the name of your in-house frevvo tenant.
    2. Home page URL:
      1. Cloud Customers should use https://app.frevvo.com:443/frevvo/web/tn/{t}/login - replace {t} with the name of your frevvo Cloud tenant.
      2. On-premise customers should use - http://<server>:<port>/frevvo/web/tn/{t}/login - replace <server> with the ip of your server, <port> with the port number (if applicable) and t with the name of your frevvo in-house tenant.

  8. Click on Save button at the top of screen.
  9. Navigate to the Settings column then click on the Reply URLS link.
  10. Enter one of the following to create the reply URLs:
    1. REPLY URL: - Refer to Step1 - Create an Application for Live Forms in Azure for an example.
      1. Cloud Customers should use https://app.frevvo.com:443/frevvo/web/saml/SSO/alias/{t} - replace {t} with the name of your frevvo Cloud tenant.

      2. On-premise customers should use http://<server>:<port>/frevvo/web/saml/SSO/alias/{t} - replace <server> with the ip of your server, <port> with the port number (if applicable) and t with the name of your frevvo in-house tenant.

  11. Click on Save button.
  12. Navigate to the Settings column then click on the Required permissions link.
  13. Click API
  14. Select Read and write directory data under Application permissions.
  15. Select Sign in and read user profile AND Read directory data under Delegated permissions
  16. Navigate to the Required permissions column:
    1. Click on the Grant Permissions button select "Yes" option  and click on the Save button.
  17. Navigate to the Registered app column and click on Manifest.
    1. Check the value of the Home Page
    2. Check the code at the end of the Manifest. Make sure the "id": "5778995a-e1bf-45b8-affa-663a9f3f4d04" has "Role,Scope" for the type. Modify if necessary.

      Code Block
      requiredResourceAccess": [                                {
                                          "resourceAppId": "00000002-0000-0000-c000-000000000000",
                                          "resourceAccess": [
                                      {
                                          "id": "5778995a-e1bf-45b8-affa-663a9f3f4d04",
                                          "type": "Role,Scope"
                                      },
                                      {
                                          "id": "78c8a3c8-a07e-4b9e-af1b-b5ccab50a175",
                                          "type": "Role"
                                      },
                                      {
                                          "id": "311a71cc-e848-46a1-bdf8-97ff7156d8e6",
                                          "type": "Scope"
                                      }
    3. If you made changes, click the Save button at the top of the screen.
  18. Click on the Settings link then click on the Keys link
  19. Enter the following details:
    1. Description- Enter any Text here.
    2. Expires-<Select any value from the dropdown>
  20. Click on Save button.
  21. After clicking on Save button copy the value of "Value" column. This is the Client secret that you will need when configuring the
    Frevvoproduct
    tenant screen. There is only one chance to retrieve the client secret key when you create the application for
    Frevvoproduct
    in Azure. Once you leave this screen the value will be hidden.
    Warning

    You will need the Azure tenant ID, the client id and client secret key that are created for the frevvo application when configuring your

    Frevvoproduct
    Azure SAML tenant.

  22. To find the client id - same as the Application ID:
    1. Click on App registrations
    2. Click on your application-
    3. Copy the application ID shown for your application
  23. To find the tenant id:
    1. Select Azure Active Directory.
    2. Select Properties for your Azure AD tenant
    3. The value in the Directory ID field is the tenant ID for your Azure application.
  24. OR click the Endpoints button under App registrations. The value in between the login.microsoftonline.com and federationmetadata is the tenant id

    code
      1. alias/mycompany.com

...

You will need the Azure tenant ID, the client id and client secret key that are created for the frevvo application when configuring your

Frevvoproduct
Azure SAML tenant.

      1.  

      2. On-premise customers should use http://<server>:<port>/frevvo/web/alias/{t} - replace <server> with the ip of your server, <port> with the port number (if applicable) and {t} with the name of your frevvo in-house tenant.

        Info

        For example, if you were changing the Security Manager from the Default Security Manager to the Azure SAML Security Manager for a frevvo in-house tenant named mycompany.com, the AP ID URL would be:

        https://<server:port>/frevvo/web/alias/mycompany.com

      3. Click Save.
  1. Click the Certifiates & secrets tab.
    1. Generate the Client Secret under Client Secrets. COPY/SAVE the VALUE in a notepad - you will need this for the frevvo tenant screen.  
      There is only one chance to retrieve the client secret key when you create the application for
      Frevvoproduct
      in Azure. Once you leave this screen the value will be hidden.
  2. Click the Overview tab.
    1. Copy the Application ID into your notepad. This is the value of the Client ID on the frevvo configuration screen.
    2. Copy the Directory ID into your notepad. This is the value of the Tenant ID on the frevvo configuration screen.
    3. Click Endpoints at the top of the screen. Copy the Federation Metadata Document URL from the list to your notepad. This is the URL that you will use to generate the Azure metadata

      Code Block
      titleExample of the Federation Metadata Document URL
      https://login.microsoftonline.com/3d532ac1-a43c-45c7-b0e9-cc814400ca11/federationmetadata/2007-06/federationmetadata.xml

       
       

     

    Warning

    You will need the Azure tenant ID, the client id and client secret key that are created for the frevvo application when configuring your

    Frevvoproduct
    Azure SAML tenant.

  3. Proceed to Step 2 - Create the Live Forms metadata file

Step 2 - Create the Live Forms metadata file

...