First, go to the Azure portal and select Azure Active Directory. Then go to "Enterprise Application" and create a new application. Now, select "Non gallery application".
You will land on this page, where you can set your app name.
- Select your newly created application and click on Single Sign On. Choose SAML application.
- Now, you need to configure the Service Provider in Azure. Click on Edit in the first box. Use these values:Don't forget to click on "Save".
- `Identifier (Entity Id)` field is filled with the `SP Entity ID` value on GitGuardian dashboard.- `Reply URL (Assertion Consumer Service URL)` field is filled with the `ACS URL` value on GitGuardian dashboard.
- Now, some mappings need to done. Select 'Edit' on the 'User Attributes & Claim' box. Click on 'Add new claim'. Leave 'Namespace' empty and use these values:Don't forget to click on "Save".
- `Name: first_name + Source attribute: user.givenname`- `Name: last_name + Source attribute: user.surname`
You also need to make sure that the User ID claim is set to Email.
- Setup how responses and assertions are signed. Choose 'Sign both' and 'SHA-256' as digest algorithm
- Now, you need to configure the Identity Provider in GitGuardian dashboard. Use these values:
Entity Idfield is filled with the
Azure AD Identifier
Single Sign-On URLfield is filled with the
X509 Certfield is filled with the certificate. Download the Base64 certificate, use
catand copy/paste the plaintext value.
- Test your app configuration by clicking on "Test".