This guide requires you to be administrator of your Microsoft Azure account
On Microsoft Azure
Open your Microsoft Azure portal
Click on Enterprise applications
Click on New application
Click on Create your own application
Enter the application name (e.g: Figures SAML), then click on Create
Click on Set up single sign on
Click on SAML
Edit the Basic SAML Configuration section
Add the following Identifier: https://app.figures.hr
Add the following Reply URL: https://app.figures.hr/api/auth/saml/callback
Click on Save
Edit the Attributes & Claims section. Add the following Claims:
Name:
nameID
- Source Attribute:user.mail
Name:
firstName
- Source Attribute:user.givenname
Name:
lastName
- Source Attribute:user.surname
Under SAML Certificates, download the Certificate (Base64). You will require it soon.
Under Set up, copy the Login URL. You will require it soon.
Go to Users and groups and assign relevant people and groups to this application, depending on your needs. In order to test the integration, we recommend that you at least add yourself to start.
On Figures
Go to Figures Settings
Scroll down until you find SAML SSO
Click on the Configuration tab
Enter your SAML Entry Point and Certificate. Those match the settings you've copied from Microsoft before.
Entry Point corresponds to the LoginURL
Certificate corresponds to the Certificate (Base64) you've downloaded. You will need to open this file in a text editor and copy it's content.
Click on Save
Click on Test integration
Once you get back on Figures, you will most likely land on an error page letting you know that we had issues validating your SAML Profile.
To fix this, you need to Map your SAML Attributes.