Set up your SSO integration (Azure AD)

Learn how to set up our SSO integration with Azure AD

Ryan Turner avatar
Written by Ryan Turner
Updated over a week ago

In this article, you'll learn how to set up Legatics with Azure Active Directory (Azure AD), allowing you to:

  • Control in Azure AD who from your organisation has access to Legatics

  • Enable your users to sign-in to Legatics with their Azure AD accounts (or automatically sign-in, if they have an active session with Azure AD).

  • Manage your accounts in one central location – the Azure portal.

To learn more about SaaS app integrations with Azure AD, take a look at this official documentation.

In this article

Requirements

Step 1: Add Legatics to your list of managed SaaS apps

  1. Log in to the Azure portal, using either an account with an Azure AD subscription or a free trial

  2. On the left navigation panel, select the Azure Active Directory service.

  3. Navigate to Enterprise Applications and then select All Applications.

  4. Add a new application by selecting New application.

  5. In the Browse Azure AD Gallery section, select Create your own application

  6. A sidebar will open.

    1. Give the integration the name Legatics (or Legatics 2, if you already have Legatics 1 set-up for SSO)

    2. Select the option Integrate any other application you don't find in the gallery.

    3. Select Create. Wait a few seconds while the app is added to your tenant.

Step 2: Configure Legatics in Azure AD

  1. In the Azure portal, on the Legatics application integration page (which you made in Step 1), find the Manage section and select Single sign-on.

2. On the Select a Single sign-on method page, select SAML.

3. On the Set up Single Sign-On with SAML page, click the edit/pen icon for Basic SAML Configuration to edit the settings.

4. On the Basic SAML Configuration section, enter the following values for each fields.

⚠️ CUSTOMER-ID is your customer number with Legatics. You can find this in the top left of your Administration System. Otherwise, contact the Legatics integrations team (integrations@legatics.com) to obtain this

Field

Input

Identifier (Entity ID)

If you are using our EU instance

https://app.legatics.com/CUSTOMER-ID

If you are using our Australian instance

https://au.app.legatics.com/CUSTOMER-ID

Reply URL (Assertion Consumer Service URL)

If you are using our EU instance

https://api.app.legatics.com/auth/v0/saml/CUSTOMER-ID/callback

If you are using our Australian instance

https://api.au.app.legatics.com/auth/v0/saml/CUSTOMER-ID/callback

Sign on URL

⚠️ Leave this field empty

Single Logout URL (optional)

If you are using our EU instance

https://api.app.legatics.com/auth/v0/saml/CUSTOMER-ID/logout

If you are using our Australian instance

https://api.au.app.legatics.com/auth/v0/saml/CUSTOMER-ID/logout

5. Save the Basic SAML configuration

Step 3: Generate Federation Metadata XML

  1. In the Azure portal, on the Legatics application integration page (which you made in Step 1), find the Manage section and select Single sign-on.

  2. On the Set up Single Sign-On with SAML page, click Download next to the Federation Metadata XML header.

  3. OPTIONAL: You may want to encrypt the Federation Metadata XML file that was downloaded. This can be done by zipping the file and then apply encryption to it (you will need a dedicated zipping tool to do this - if you are using WinZip, please see this article).

    We recommend selecting AES-256 bit encryption and adding a secure password.

Step 4: Send Federation Metadata XML.zip and tester information to Legatics

Please send the following information to our integrations team (integrations@legatics.com), so that they can connect your Azure AD integration with Legatics

  1. Federation Metadata XML.zip file to your Legatics representative.

  2. Tester information of the people in your organisation who should test the integration before it goes live. Please provide the following information for each tester

Tester Name

Tester Email

John Tester

john.tester@customer.com

Step 5: Connecting Azure with Legatics

The Legatics integrations team will connect Azure AD with your Legatics environment, and confirm when this is done.

You will now be able to test the integration with your specified testers. Once you are happy with the integration, please let the Legatics integrations team know and they will enable the integration for all of your users

Related Articles

Did this answer your question?