Single Sign-On (SSO) Set-up for Microsoft Entra

Please follow the steps and screenshots below in Microsoft Entra to set up Single Sign-On (SSO) to the Human Focus system.

1. Log in to Microsoft Entra and click on Enterprise Applications.

2. Click the + sign for New Applications.

3. Click on “Create your own application”

4. Give your application a name, select the last option appearing on the page, and click Create.

5. Click on the Set up Single Sign-On option.

6. Click the SAML option.

7. Enter the following in the Identifier and Reply URL fields:

Identifier: https://www.humanfocus.org.uk/

Reply URL: https://www.humanfocus.org.uk/CBTbyB/SAML/AssertionConsumerService.aspx

8. Edit the User Attributes & Claims section

Under Claim Name, you will see the primary claim, Unique User Identifier (Name ID), with the claim Value set to user.userprincipalname [nameid-format:emailAddress]. On clicking this claim, you will find the following details on the Manage claim page:

Close this page. Now, delete the default attributes that you see under the Additional claims section. We will be adding our own set of attributes.

Now, to add your attributes, click on + Add new claim.

9. Open the Manage claim page.

10. On the Manage claim page, enter first_name under Name, select user.givenname under the Source attribute, and click Save.

Similarly, add the following attributes:

Name         Value
last_name    user.surname
email        user.userprincipalname
roles        user.assignedroles

10. Role Mapping in Contentstack

If you want to enable Role Mapping in Contentstack, it is essential to add the roles attribute, as it is needed for IdP Role Mapping, which we will cover in the next set of steps.

You will see the added attributes in the User Attributes & Claims section.

11. SAML Signing Certificate section

In the SAML Signing Certificate section, click the Download link beside Certificate (Base64). This will download and save the Base64 version of the certificate, which needs to be sent to Human Focus.

If needed, edit the Notification Email Addresses section, change the notification email, and click on Save.

12. Send data to Human Focus

Under the Set up section, you will find important data, such as the Login URL, Microsoft Entra Identifier, and Logout URL of your Microsoft Entra app. This data needs to be sent to Human Focus.

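An added example, not part of the Human Focus guide: a Python check to run against a decoded SAML assertion from a test sign-in, confirming that the Identifier, Reply URL, Name ID format and claim names from steps 7 to 10 came through as configured. The sample assertion and the `attr` helper are constructed for illustration, and the default-claim namespace is an assumption about what Entra pre-populates.

```python
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Expected values come from steps 7 to 10 of this guide.
AUDIENCE = "https://www.humanfocus.org.uk/"
RECIPIENT = "https://www.humanfocus.org.uk/CBTbyB/SAML/AssertionConsumerService.aspx"
CLAIMS = {"first_name", "last_name", "email", "roles"}
# Assumption: the default additional claims Entra pre-populates use this namespace.
DEFAULT_PREFIX = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/"

def check_assertion(xml_text):
    """List configuration problems in one assertion; does not verify the XML signature."""
    root = ET.fromstring(xml_text)
    problems = []
    audiences = {a.text.strip() for a in root.iterfind(".//saml:Audience", NS) if a.text}
    if AUDIENCE not in audiences:
        problems.append("audience does not match Identifier")
    recipients = {d.get("Recipient") for d in root.iterfind(".//saml:SubjectConfirmationData", NS)}
    if RECIPIENT not in recipients:
        problems.append("recipient does not match Reply URL")
    name_id = root.find(".//saml:Subject/saml:NameID", NS)
    if name_id is None or not name_id.get("Format", "").endswith("nameid-format:emailAddress"):
        problems.append("NameID is not in emailAddress format")
    names = {a.get("Name") for a in root.iterfind(".//saml:Attribute", NS)}
    problems += [f"missing claim: {n}" for n in sorted(CLAIMS - names)]
    problems += [f"default claim not deleted: {n}" for n in sorted(names) if n.startswith(DEFAULT_PREFIX)]
    return problems

def attr(name, value):
    # Hypothetical helper: builds one attribute element for the constructed sample.
    return f'<saml:Attribute Name="{name}"><saml:AttributeValue>{value}</saml:AttributeValue></saml:Attribute>'

# Constructed sample (not a real capture): roles is missing and a default claim remains.
SAMPLE = f"""<saml:Assertion xmlns:saml="{NS['saml']}">
<saml:Subject>
<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">jo@example.com</saml:NameID>
<saml:SubjectConfirmation><saml:SubjectConfirmationData Recipient="{RECIPIENT}"/></saml:SubjectConfirmation>
</saml:Subject>
<saml:Conditions><saml:AudienceRestriction><saml:Audience>{AUDIENCE}</saml:Audience></saml:AudienceRestriction></saml:Conditions>
<saml:AttributeStatement>
{attr('first_name', 'Jo')}{attr('last_name', 'Bloggs')}{attr('email', 'jo@example.com')}
{attr(DEFAULT_PREFIX + 'givenname', 'Jo')}
</saml:AttributeStatement>
</saml:Assertion>"""

if __name__ == "__main__":
    for problem in check_assertion(SAMPLE):
        print(problem)
```

An empty result means the assertion matches the values in this guide; signature validation against the downloaded Base64 certificate is a separate check.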