This article links to instructions for setting up single sign-on (SSO) between Microsoft Azure Active Directory (AD). When you set up this integration, you use Azure AD to authenticate and manage QA or QA users. This feature is available to enterprise accounts. You must be an admin to access the screen in the application where you perform this procedure.
Notes:
- As part of our ongoing brand refresh, we are excited to share that on 3 September 2024, we updated our domain name from cloudcademy.com to platform.qa.com. As a result, when you configure the SAML application in the Azure Portal, you should use platform.qa.com.
- You will need access to the configuration information from your Identity Provider (IdP). If you don’t have this information, we recommend that you contact your internal IT or Technical teams to gather this information.
- This article contains different URLs for your configuration. Choose the URL that relates to the type of account you are using.
- Our platform uses SAML 2.0 and currently supports only SP-initiated workflows. (Service Provider initiated workflows.)
Azure AD SSO Tutorial
Find the tutorial on how to add our application here.
Note: This documentation will be updated in due course by Microsoft to reflect the QA domain.
Setting Name |
Value |
Identifier |
urn:federation:cloudacademy |
Reply URL | https://login.platform.qa.com/login/callback?connection=sso-1234567890 |
Reply on URL | https://platform.qa.com/login/ |
Logout URL (Optional) | https://login.platform.qa.com/logout/ |
Configure SSO settings on the QA platform
For more details on how to configure the SSO settings on the QA Platform, see Setting Up Single Sign-on.
Community Tips
Sometimes our users offer tips they learned while setting up their own SSO with Azure AD. Consider these community tips as you set up your SSO.
Add a custom claim rule to the relying party trust
The default AD claims mapping may not support your SSO implementation. Try adding a custom claim rule to the relying party trust, such as the one below:
c:[Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", Issuer == "AD AUTHORITY"]
=> issue(store = "Active Directory", types = ("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname", "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"), query = ";objectSID,mail,givenName,sn;{0}", param = c.Value);
Comments
0 comments
Please sign in to leave a comment.