SSO Configuration: Microsoft Azure Active Directory

This article will walk through how to set up Casebook Single Sign On with Microsoft Azure Active Directory.

Step 1: Add Casebook as an enterprise application in Azure AD

In this step, you will add Casebook as an application in Azure AD to establish a trust relationship between the applications.

To add a new application in Azure AD

  1. Log in to the Azure Portal.
  2. In the Azure Services section, choose Azure Active Directory.
  3. In the left sidebar, choose Enterprise applications.
  4. Choose New application.
  5. On the Browse Azure AD Gallery page, choose Create your own application.
  6. Under What’s the name of your app?, enter a name for your application, Casebook, and select Integrate any other application you don’t find in the gallery (Non-gallery), as shown below. Then select Create.
    Figure 2: Add an enterprise app in Azure AD

It will take a few moments for the application to be created in Azure AD. You should be redirected to the Overview page for the newly added application.

Note: Occasionally, this step can result in a Not Found error, even though Azure AD has successfully created a new application. If that happens, in Azure AD navigate back to Enterprise applications and search for your application by name.

To set up Single Sign-on using SAML

  1. On the Getting started page, in the Set up single sign on tile, choose Get started, as shown below.
     
    Figure 3: Application configuration page in Azure AD
  2. On the next screen, select SAML.
  3. In the middle pane under Set up Single Sign-On with SAML, in the Basic SAML Configuration section, select the edit icon.
  4. In Casebook, copy the Identifier Entity ID under Step 1.
  5. Back in Azure AD, in the right pane under Basic SAML Configuration, replace the default Identifier ID (Entity ID) with the Identifier (Entity ID) you copied previously from Casebook.
  6. In Casebook, copy the Reply URL under Step 2.
  7. Back in Azure AD, in the Reply URL field, enter the Reply URL you copied previously from Casebook, as shown below. Select Save.
  8. Scroll down to the SAML Signing Certificate section, and copy the App Federation Metadata Url by choosing the copy into clipboard icon (highlighted with red arrow below). Keep this URL in a text editor, as you’ll need it in the next step.

Step 2: Add your Single-Sign-On Metadata URL to Casebook

  1. Paste the App Federation Metadata Url that you previously copied into Step 3 in Casebook and select Validate.
  2. Type "email" into Step 4 Map Your SSO Email Field in Casebook.
  3. Select Turn on Single Sign On.

Note: Assign Users to Casebook in Azure AD. 

You will need to assign users to this application in Azure AD. If a user is not assigned to Casebook, they will see an error message when they try to log in.

Optional 

If you want to further restrict the Casebook app such that only a single group of users is allowed to consent, navigate to the Casebook, Calendar and Email Integration application in Azure Portal, then select Properties. You can toggle the assignment required to Yes. Once this is set, you can manage those users on the Users and Groups page.

You can turn access options on or off for your users through the Self Service tab. These options can indicate if a user needs permission to access the application.