Scribd
Upload
309 views5 pages

SaaS - Configuring SSO With Azure AD

This SAP Knowledge Base Article provides instructions for configuring SAML SSO with Azure AD for SAP Signavio. It outlines the steps for adding a new application in Azure AD, setting up user attributes, and completing the SAML configuration. Users are advised to consult their consultants or partners for assistance with third-party identity provider setups.

Uploaded by

Matías Emmanuel Kaufman Hoffmeyer
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
309 views5 pages

SaaS - Configuring SSO With Azure AD

This SAP Knowledge Base Article provides instructions for configuring SAML SSO with Azure AD for SAP Signavio. It outlines the steps for adding a new application in Azure AD, setting up user attributes, and completing the SAML configuration. Users are advised to consult their consultants or partners for assistance with third-party identity provider setups.

Uploaded by

Matías Emmanuel Kaufman Hoffmeyer
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

SAP Knowledge Base Article

3242880 - SaaS: Configuring SSO with Azure AD


Component: BPI-SIG-CA-SEC-SAM (Business Process Intelligence > SAP Business Transformation Suite by SAP
Signavio > Cross Application Topics for SAP Signavio > Workspace Security for SAP Signavio Transformation
Suite > SAML 2.0 for SAP Signavio), Version: 6, Released On: 08.10.2024

Symptom
We want to configure the SAML-integration with our Azure AD. Where can I find the instruction guide as a link / PDF?

Resolution
The information provided does not imply that SAP Signavio Product Support have any expertise in setting up 3rd party
identity provider (IdP) systems for customers. These are merely bits of information that were gathered over time while
configuring the SAML SSO with identity providers, which may help you with a smoother setup. If you require assistance
setting up your IdP system, please reach out to your consultant, partner, or specialized support.
Image/data in this KBA is from SAP internal systems, sample data, or demo systems. Any resemblance to real data is purely
coincidental.
Please find a quick instruction guide below:
Add a new application in the Azure AD (Enterprise applications - New application)
Select the option "Non-gallery application" and type a name for the application

Select the option "User and groups"

Click on the button "Add user"


Select the users and groups, who should have access to the Signavio Collaboration Hub

Confirm your selected users and groups with the Select-button and the Assign-button

Choose "Single sign-on" and select the value "SAML"

Fill out the information according to the following steps

Basic SAML Configuration

Don´t use the "Upload metadata file"-function as this doesn´t work with the Signavio
metadata

Type in the URLs for the "Entity ID" and "Assertion Consumer Service URL" according to the
following KB article:
KB0381167 - Which SAML Assertion Consumer Service(ACS) URL / EntityID will be used by Signavio?
https://launchpad.support.sap.com/#/notes/0003161011

You can leave the additional URLs empty


User Attributes and claims

Use the user.employeeid attribute as the "User Identifier"


Delete the existing attribute examples (The default namespace entries lead to error messages because they
are different attribute names)

Add the following new attributes and leave the namespace empty

name value

last_na user.surnam
me e

first_na user.givenna
me me

email user.mail
SAML Signing Certificate
Download the Federation Metadata XML
Upload the Federation XML file to your Signavio workspace.

Afterwards, the configuration is done, and the app can be found on the Azure Portal. The synchronization can take some
minutes.
Once the configuration on both sides has been completed, you can test the SSO via this URL (Please choose the appropriate
infrastructure for your link)
https://editor.signavio.com/p/hub?t=<workspace ID>
https://app-au.signavio.com/p/hub?t=<workspace ID>
https://app-us.signavio.com/p/hub?t=<workspace ID>
https://app-jp.signavio.com/p/hub?t=<workspace ID>
https://app-ca.signavio.com/p/hub?t=<workspace ID>
(Replace the placeholder <workspace ID> with the workspace ID of your tenant. You can find the workspace
ID in Process Manager Explorer - Help - Workspace information)
For more information on Single sign-on using SAML, please see our documentation.

Keywords
process manager, sso

Attributes
Key Value

Requires Action 0

Products
Products

SAP Signavio Process Manager all versions

Signavio Process Manager all versions

Attachments
File Name File Size Mime Type

Pasted image.png 193 image/png

image2018-11-27_12-59-52.png 31 image/png

image2018-11-27_13-2-43.png 45 image/png

You might also like