You can now connect your content calendar Kordiam with Microsoft Entra ID (formerly Azure AD).
How to Set Up Single Sign-On with Entra ID (Azure AD) for Kordiam?
Pre-Conditions
- Your company needs to be both an Entra ID user and a Kordiam customer.
- Your Kordiam subscription must include access to the SAML security features. You get access to these features by purchasing the Support & Security Package. If you are a large enterprise customer this will likely be included in your package.
As a result, you must be able to access the Security page in Kordiam.
Please contact Kordiam Sales if you are interested in this feature but don't have access to it.
Setting up the Connection
Follow these steps in the Entra / Azure Portal (you need to have admin rights for this):
- Log in to the Entra / Azure Portal and navigate to the Azure Active Directory.
- Click on "App registrations" and then click "Endpoints".
- Look for the "Federation metadata document" endpoint in the list of endpoints. The URL for this endpoint should look like this example: "https://login.microsoftonline.com/{tenant-id}/federationmetadata/2007-06/federationmetadata.xml".
[Note that the URL contains "{tenant-id}", a placeholder for the unique identifier (tenant ID) of each organization in Azure AD. Every organization has its own tenant ID, and "{tenant-id}" in the link must be replaced with that value for the link to work properly.]
- Copy the URL for the Federation metadata document sign-on endpoint.
Once you have done this, switch over to Kordiam for the easy setup:
- Access the Security page in Kordiam.
- In the Entra ID (Azure AD) section enter the following data:
  - Domain name (e.g. "acme-publishing"). It must be unique to avoid duplication. Users have to enter the domain name on the login page when they establish the connection via Entra ID (Azure AD) for the first time.
  - Metadata URL (the URL for the Federation metadata document sign-on endpoint that you copied a few steps earlier)
- Test the connection by clicking on Test Connection.
- Click Save at the bottom of the page and you are all done.
Note: Two different SSO options, such as ADFS and Entra ID (Azure AD), can easily be used simultaneously.
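A pre-flight check for the Metadata URL before it is entered in Kordiam, as an added example (not Kordiam's or Microsoft's code): it catches a leftover "{tenant-id}" placeholder or a mistyped path, and confirms that a downloaded metadata document names the same tenant as the URL. The tenant ID and XML are constructed samples, the function names are hypothetical, and accepting only GUID-form tenant IDs is an assumption.

```python
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

GUID = re.compile(r"[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}")
META_PATH = "/federationmetadata/2007-06/federationmetadata.xml"
MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"
DS = "{http://www.w3.org/2000/09/xmldsig#}"

def check_metadata_url(url):
    """Return (tenant_id, problems) for a federation metadata URL."""
    parts = urlsplit(url.strip())
    tenant, _, rest = parts.path.lower().lstrip("/").partition("/")
    problems = []
    if parts.scheme != "https":
        problems.append("not https")
    if parts.hostname != "login.microsoftonline.com":
        problems.append("unexpected host")
    # Assumption: the tenant is given in GUID form, as the page describes.
    if not GUID.fullmatch(tenant):
        problems.append("tenant ID is not a GUID (placeholder left in?)")
    if "/" + rest != META_PATH:
        problems.append("wrong metadata path")
    return tenant, problems

def check_metadata_document(xml_text, tenant):
    """Check metadata against the tenant; Entra's entityID is https://sts.windows.net/<tenant-id>/."""
    root = ET.fromstring(xml_text)
    problems = []
    if root.tag != MD + "EntityDescriptor":
        problems.append("root is not a SAML EntityDescriptor")
    if root.get("entityID") != f"https://sts.windows.net/{tenant}/":
        problems.append("entityID does not match the tenant in the URL")
    if not any(c.text and c.text.strip() for c in root.iter(DS + "X509Certificate")):
        problems.append("no signing certificate present")
    return problems

# Constructed, abbreviated sample: made-up tenant ID and a placeholder certificate body.
TENANT = "11111111-2222-3333-4444-555555555555"
SAMPLE_XML = f"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
  entityID="https://sts.windows.net/{TENANT}/"><IDPSSODescriptor><KeyDescriptor use="signing">
  <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"><X509Data>
  <X509Certificate>PLACEHOLDER</X509Certificate></X509Data></KeyInfo>
  </KeyDescriptor></IDPSSODescriptor></EntityDescriptor>"""

if __name__ == "__main__":
    url = "https://login.microsoftonline.com/{tenant-id}" + META_PATH
    for u in (url, url.replace("{tenant-id}", TENANT)):
        print(check_metadata_url(u))
    print(check_metadata_document(SAMPLE_XML, TENANT))
```

For metadata fetched from the network, parse it with a hardened XML parser such as defusedxml rather than the standard library parser used here.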
How Users Can Use the Single Sign-On
For the first login after the Entra ID (Azure AD) connection has been set up, users access Kordiam via the usual login page.
On that page they find a button labeled Entra ID (Azure AD). They are then prompted to enter the domain name that was specified for Entra ID (Azure AD) on the Security Settings page of the Kordiam account.
Errors
Please check the special page with a list of potential SAML error messages.