If you are looking for more information on enabling User Provisioning within Microsoft Azure/Entra, please see User Provisioning within Entra.
Adding a non-gallery BizLibrary Application to Azure
- As an administrator, log in to your Azure Active Directory portal.
- Select Enterprise Applications > New application.
- On Azure, create a non-gallery BizLibrary Application. Select Non-gallery application then name your application.
- Choose Single sign-on from the left menu, then SAML to begin the authentication process.
- Log in to BizLibrary, then choose Administration from the top navigation drop-down.
- From the Administration homepage, on the left-hand side, choose System, then Authentication.
- From the Authentication Profile, choose New Authentication Method.
- Give your authentication a title and IDP name.
- Copy the following fields from the BizLibrary Authentication Method setup form into the matching fields of your Azure SAML configuration.
| BizLibrary | Azure |
| --- | --- |
| Assertion Consumer Service (ACS) URL | Reply URL (Assertion Consumer Service URL) |
| EntityID | Identifier (Entity ID) |
| Login URL | Sign on URL |
- Once you add the ACS URL, EntityID, and Login URL, add the IDP Authentication Request Endpoint from Azure into your BizLibrary Authentication Method setup form. This can be found on the 4th step of Azure, “Login URL”.
- Then you will want to choose a Name ID Format.
- If not provisioning users, please provide a message letting users know it has been disabled.
- Choose an Authentication Context Class Reference.
- Enter your Assertion Attribute. In this example we use Email Address, which can be found on the second step in Azure. In Azure, click the edit button and you will see the claim name, which needs to be copied and pasted into the Assertion Attributes field on the BizLibrary Authentication Method form. The Assertion Attribute should map to the appropriate field within BizLibrary. In this case, it would be UserName. Then click ‘Add’.
- The bottom of your BizLibrary Authentication Method form should look similar to this.
- Add your users through Azure by clicking the Users and groups button on the left navigation, then clicking “Add user”.
- Go back to the BizLibrary Authentication Method page. On the Authentication you just created, click on Preview. You will be logged out and, if you have set it up successfully, you should be taken through the SAML login.
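If the Preview login fails, the mapped values above can be checked against a response captured from your own test login. The following is an added example, not part of the original page or BizLibrary's own code: the helper name, the example.com URLs and the sample response are constructed, and the claim name is an assumption about what Azure shows for the email address claim.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed placeholder values, not real BizLibrary or Azure settings.
ACS_URL = "https://lms.example.com/saml/acs"
ENTITY_ID = "https://lms.example.com/saml/metadata"
# Assumption: the claim name Azure shows for the email address claim.
CLAIM = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"

def check_saml_response(b64_response, acs_url, entity_id, claim_name):
    """Hypothetical helper: list mismatches between a captured SAMLResponse and
    the configured values. Configuration check only; no signature verification."""
    root = ET.fromstring(base64.b64decode(b64_response))
    problems = []
    # Destination should equal the ACS URL entered as Azure's Reply URL.
    if root.get("Destination") != acs_url:
        problems.append("Destination does not match the ACS URL")
    # Audience should equal the EntityID entered as Azure's Identifier.
    audiences = [a.text for a in root.iterfind(".//saml:Audience", NS)]
    if entity_id not in audiences:
        problems.append("Audience does not match the EntityID")
    # The claim name typed into Assertion Attributes must arrive with a value.
    values = [v.text
              for attr in root.iterfind(".//saml:Attribute", NS)
              if attr.get("Name") == claim_name
              for v in attr.iterfind("saml:AttributeValue", NS)
              if v.text and v.text.strip()]
    if not values:
        problems.append("Assertion Attribute claim is missing or empty")
    return problems

# Constructed sample response, base64-encoded as in the HTTP POST binding.
SAMPLE = base64.b64encode(f"""<samlp:Response xmlns:samlp="{NS['samlp']}"
    xmlns:saml="{NS['saml']}" Destination="{ACS_URL}">
  <saml:Assertion>
    <saml:Conditions><saml:AudienceRestriction>
      <saml:Audience>{ENTITY_ID}</saml:Audience>
    </saml:AudienceRestriction></saml:Conditions>
    <saml:AttributeStatement><saml:Attribute Name="{CLAIM}">
      <saml:AttributeValue>user@example.com</saml:AttributeValue>
    </saml:Attribute></saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>""".encode()).decode()

if __name__ == "__main__":
    print(check_saml_response(SAMPLE, ACS_URL, ENTITY_ID, CLAIM) or "OK")
```

An empty list means the response agrees with all three configured values; each string in a non-empty list names the field to recheck in the table above.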
Adding your authentication method to your branded site
- If you have not done so already, create a branded site. For more information on creating a branded site, visit Creating or Modifying a Branded Site.
- On BizLibrary, click Administration from the drop-down.
- On the left-hand side navigation, click on System, then Branded Sites.
- Click on the edit (pencil) button of your branded site.
- From the edit of your Branded Site, choose the Authentication Methods for your organization.
- Select Update.