Setting Up SSO with Azure as an IDP

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

okay hello everyone so today in this uh short demo we are going to see how to set up single sign-on for adobe applications using microsoft azure as an identity provider so the first step is to sign into your admin console which i'm going to do right now and select your identity type and i need to type in my email address and the password so once you assign into the admin console you will see different tabs here on the top overview products users packages accounts inside settings and support so you have to click on settings and yeah so once you are there inside the settings tab you will see different options here on the left hand side that would say identity asset settings privacy and security console settings content logs encryption settings and so on so we first so we have to click on identity and then we have to create a directory first so we will click here create directory and i'll give it a name and i'll select the identity type that i intend to use with my directory which is federated id then i'll click next and it says select the identity provider that your organization uses to authenticate users so if i select microsoft azure active directory then i will be uh telling adobe that i want to sync my directory uh with the admin console which i don't intend to do right now for now i'm going to select this other sample providers so i'll select that and click next okay now it has given me all these options i'll just click cancel now now i need to claim a domain okay so i'll click on add domain and then i'll enter my domain name here i'll click next okay now it says needs validation so i'll click on add domain so now it's going to let me just search for my domain here okay so if i click here it takes me into this page where a text record is generated and i have to add this uh this dns recorder to my domain uh as a text entry and then i have to click on validate now over here in my admin console so to validate this domain to in order to let adobe know that i am the legend owner of this domain i have to log into my uh domain uh settings and then i have to add this uh dns uh token there as a text entry so which i'm going to do now so to validate this domain i have to log into my office 365 admin portal and once i'm signed in i have to click on the settings and then you have to click on this domains tab now i have to click on this domain and then i have to go to dns records and i have to click on this add record button so now i have to go back to my admin console where uh this text record was generated i have to copy this record value from here just click on this button and this text record will be this text record this record value will be copied over and then you have to go back here to your office 365 admin portal and the text name will be at the rate and the text value is something that i can copy from here i will just click on this button copy record value go back here and paste it and click save all right so this has been added as a text record now in this admin console page i will click on this validate now button and let's see if we can validate this domain yes so we have successfully validated our domain so we can now link this domain to the directory that we had created earlier so i'll just click on link directory and from this drop down i'll just select the directory that i had created and i'll click link okay so my directory has also been linked now i'll click on this directories tab and i'll search for my directory all right so we can see that this directory contains this domain and the saml settings have not been configured yet so we'll click on configure okay now we can log into our azure admin portal and we can set up the single sign-on settings there okay so i'm now signed into my azure admin portal and inside the azure active directory i have to click on this enterprise applications tab so we have to now click on this plus button for new application and then we have to search for creative uh there it is adobe creative cloud so click on that and uh click create all right so this application template is being downloaded and being set up on my azure portal okay so my application has been set up so i can see the properties here now what i have to do is to click on set up single sign on and click on this saml alright so here it says basic saml configuration identifier entity id and other details are here so i have to click on this edit button for identifier entity id and a session consumer service url we are going to edit those now to find out these values for the entity id and the reply url we have to go back to the admin console so here is the acs or the reply url so i'll just click here copy to clipboard and we will paste it here and go back and then we'll copy the entity id go back here and then we will paste it here okay now that's it we just click on save so after saving these values we have to verify whether the user attributes and claims are set up properly so adobe has a helpex article or a page where it has clearly defined what uh the user attributes and claims should be set up for uh for using single sample through azure so if you go here and you can ease very easily find this kb article if you just go to google or your favorite search engine and type in adobe azure sso help x and you'll be able to find this uh help article so uh here are the user attributes and claims that you need to configure on your azure portal so first name says user.given name so i just click here edit all right so user unique identifier email address is set to user dot email and user dot mail is also fine first name is user dot given name and user dot given name is here that's also fine unique user identifier is user dot user principal name which is also fine and the last name is uh user dot surname and here also it's configured correctly so we don't need to make any changes over here on this portal it looks all good so let's just go back okay and we now have to download this federation metadata xml and we have to upload this xml on the admin console so i'll just click on save file okay now i'll go back to my admin console and i'll get that xml file i'll drag and drop this xml file here on my admin console and i'll click save all right so this has been set up properly it says azure ad saml and that's okay now let's go back to our azure portal and uh so far everything looks good and yeah let's add a user and then we will test it out so go to the users and group and click on add user or group uh i'll click here and then i will select the default user that we have over here select and click assign okay now you can just go back to my admin console and i'll also add this user into my admin console as well so just click here users tab add user and i'll add the email address oops there is a typo okay so [Music] looks okay i'll just click save all right so now this user has been added into my admin console we can see it here so let's test whether single sign-on works for this user i will open a private window and navigate to adobe.com and continue the united states i'll click on sign in then i'll just enter the domain name to see if i'm being redirected to my idp portal yes it does redirect me to the idp portal all right so i'm signing in with my azure account and let's see if all right so it seems to have worked and it has allowed me to sign in with my azure account so that's it very very simple process to set up single sign-on using your microsoft azure account so yeah thank you very much and wish you a happy rescue day bye

Info

Channel: Creative Cloud IT Tools

Views: 1,713

Rating: undefined out of 5

Keywords: Adobe, SSO, Single Sign On, Creative Cloud, SAML, Azure

Id: psyZWBiOkrA

Channel Id: undefined

Length: 13min 8sec (788 seconds)

Published: Tue Jun 01 2021