Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Section
Column

Frevvoproduct
supports the creation of a tenant using the Azure SAML (Security Assertion Markup Language) Security Manager. Users in this tenant are redirected to the Microsoft Azure login screen and then to
Frevvoproduct
when that login screen is submitted.

The Azure SAML Security manager can be used in cloud and on-premise installations.

  • Allows on-premises AD to be exposed to the frevvo cloud via synchronization with Azure AD
  • Uses the graph API to access users and groups from AD.
  • SAML is used for authentication only, providing single sign on.
  • SAML is built into Azure AD. It is not necessary to setup an identity provider.

The Azure SAML Security Manager pulls users/roles from Azure AD. frevvo recommends using the SAML Security Manager for customers who want to manage users/roles from the 

Frevvoproduct
UI.

Column
width400px

On this page:

Table of Contents
maxLevel2

Prerequisites

  • You will need a valid Microsoft Azure subscription.
    • The frevvo.TenantAdmin and frevvo.Designer groups must be specified on your Active Directory server. The group names must be spelled as shown. Upper/lower case may be a factor for Open LDAP systems. . 

      • Tenant admin users must be assigned to the frevvo.TenantAdmin group.
      • Designer users must be assigned to the frevvo.Designer group.
      • Users with the frevvo.publishers role must be assigned to the frevvo.Publisher group.
      • Users with the frevvo.ReadOnly role must be assigned to frevvo.ReadOnly group.

Refer to Manage Roles for a description of these roles in

Frevvoproduct
.

Configuring the Azure SAML Security Manager

...