Add single-sign-on (SSO) to Minimus in Azure, by configuring Minimus as a custom SAML app.

Prepare the SSO form in Minimus

  1. Open the Minimus SSO form. You can use this direct link or navigate as follows: Go to Manage > Users. Then click Configure SSO.
    Keep this form open and available in another browser tab as you configure the SAML app in Azure.
  2. The form has 3 parts:
    1. Configure Minimus as a custom app in your identity provider - You will copy these parameters from Minimus to Azure in the next steps.
      1. SP Entity ID
      2. Reply URL (Callback / ACS URL)
      3. Relay State (optional) - If you leave the Relay State blank, users will only be able to login with SSO from the Minimus homepage.
    2. Connect Minimus to your identity provider - You will fetch these parameters from your Azure custom app and save them to the Minimus form.
      1. Login SSO URL
      2. IdP Entity ID
      3. Certificate
    3. SAML Attribute Mapping - Azure uses the standard AD claim formats. Copy the relevant schema for each parameter as shown below:
    Minimus ParameterAzure Attribute NameSchema
    Emailuser.mailhttp://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
    Full Nameuser.userprincipalnamehttp://schemas.xmlsoap.org/ws/2005/05/identity/claims/name

Add Minimus as a custom app under Azure Enterprise Applications

1

Create a Minimus application in Azure

  1. The first step is to create the Minimus App in Azure and link it to your Minimus Console. Go to Enterprise Applications to begin.
  2. Select the option New application.
  3. In the top bar, select the option to Create your own application.
    1. Name the application. (We’ll assume the name Minimus App was used for the rest of this guide.)
    2. Select the option to Integrate any other application you don’t find in the gallery (Non-gallery).
    3. Click Create.
    4. Wait for the success confirmation. It may take a minute or so.
2

Copy Azure entity ID to Minimus

  1. You will be automatically navigated to the Minimus App overview page.
  2. Copy the Azure Application ID to the IdP Entity ID in the Minimus form. Azure Application Id
3

Configure the SAML app

Select Single sign-on from the left menu, then select SAML.Azure Select SamlThis will open the form Set up Single Sign-On with SAML. The form includes numbered steps.
  1. Select Edit for Step 1 - Basic SAML Configuration.\ Azure Edit Single Sign On
  2. Copy the following from the Minimus SSO form to Azure:
To copy from Minimus formAnd paste in Azure form
SP Entity IDIdentifier (Entity ID)
Reply URL (Callback / ACS URL)Reply URL (Assertion Consumer Service URL)
Relay StateRelay State (Optional)
  1. Save the form. Azure Reply Url
4

Copy Azure attributes & claims to Minimus

This step repeats the instructions for the previous step - Prepare the SSO form in Minimus.If you haven’t already done so, copy the relevant schema to the SAML Attribute Mapping section in the Minimus SSO form as shown below.
  1. Select Edit for Step 2 - Attributes & Claims. Azure Step 2 Entities Claims
  2. You will see a table of the default claims. Azure Attributes Claims
  3. Copy the schema for the user.mail and the user.userprincipalname to the Minimus form.
Minimus ParameterAzure Attribute NameSchema
Emailuser.mailhttp://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
Full Nameuser.userprincipalnamehttp://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
5

Download Base64 Certificate

  1. In Azure, continue to Step 3 - SAML Certificates.
  2. Download the Base64 Certificate.
  3. Open the certificate in notepad or another code viewer, and copy the code (including “-----BEGIN CERTIFICATE… and …END CERTIFICATE-----”).
  4. Copy the certificate to the Minimus SSO form. Azure Download Certificate
6

Copy Azure Login URL to Minimus

  1. In Azure, continue to Step 4 - Set up Minimus.
  2. Copy the Azure Login URL to the field Login SSO URL in the Minimus SSO form. Azure Login Url
7

Save the Minimus SSO form

You are now ready to save the SSO configuration form in Minimus to complete the configuration.

Assign access in Azure

Grant Azure groups and/or users access to Minimus.
  1. In Azure, select Enterprise Applications.
  2. Select your Minimus App to open its details.
  3. Select Users and Groups from the left menu.
  4. Select Add user/group and follow the instructions on the page.
Azure Add Users

Troubleshooting SSO access

When copying the certificate to Minimus, make sure there is no whitespace before or after the certificate. Also, check that the expected prefix and suffix are included. 
-----BEGIN CERTIFICATE-----

-----END CERTIFICATE-----