Azure AD SSO Authentication
| Item | Description |
|---|---|
| Issuer ID |
Unique identifier of the IDP
|
| Single Sign-On URL | The binding that is used to send the response to the Identity provider. |
|
Response signature certificate (X509 Certificate) – PEM format |
Will verify tokens signed by the IDP |
| Domain name |
Used to link WMS username with the SSO username, using "Alternate username" For example: if the username is jdoe @somedomain.com, then the domain name is somedomain.com. NOTE: Customers need to provide ALL domains that they need for WMS. We don’t support generic consumer domains (for example: @yahoo.com @gmail.com) |
Note: Example assertion with NameID:
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ...>
...
<saml:Subject>
<saml:NameID>username@domain</saml:NameID> ...
</saml:Subject>
...
</saml:Assertion>