Add single-sign-on (SSO) to Minimus in Azure, by configuring Minimus as a custom SAML app.

Prepare the SSO form in Minimus

  1. Open the Minimus SSO form. You can use this direct link or navigate as follows: Go to Manage > Users. Then click Configure SSO.

    Keep this form open and available in another web browser tab as you configure the SAML app in Azure

  2. The form has 3 parts:

    1. Configure Minimus as a custom app in your identity provider - You will copy these parameters from Minimus to Azure in the next steps.
      1. SP Entity ID
      2. Reply URL (Callback / ACS URL)
      3. Relay State (optional) - If you leave the Relay State blank, users will only be able to login with SSO from the Minimus homepage.
    2. Connect Minimus to your identity provider - You will fetch these parameters from your Azure custom app and save them to the Minimus form.
      1. Login SSO URL
      2. IdP Entity ID
      3. Certificate
    3. SAML Attribute Mapping - Azure uses the standard AD claim formats.
    Minimus ParameterAzure Attribute NameSchema
    Emailuser.mailhttp://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
    Full Nameuser.userprincipalnamehttp://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
    1. Email - Copy the schema http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name to the field.
    2. Full name - Copy the schema
      http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress to the field.

Add Minimus as a custom app under Azure Enterprise Applications

1

Create a Minimus application in Azure

  1. The first step is to create the Minimus App in Azure and link it to your Minimus Console. Go to Enterprise Applications to begin.
  2. Select the option New application.
  3. In the top bar, select the option to Create your own application.
    1. Name the application. (We’ll assume the name Minimus App was used for the rest of this guide.)
    2. Select the option to Integrate any other application you don’t find in the gallery (Non-gallery).
    3. Click Create.
    4. Wait for the success confirmation. It may take a minute or so.
2

Copy Azure entity ID to Minimus

  1. You will be automatically navigated to the Minimus App overview page.

  2. Copy the Azure Application ID to the IdP Entity ID in the Minimus form.

3

Configure the SAML app

Select Single sign-on from the left menu, then select SAML.

This will open the form Set up Single Sign-On with SAML. The form includes numbered steps.

  1. Select Edit for Step 1 - Basic SAML Configuration.
  2. Copy the following from the Minimus SSO form to Azure:
To copy from Minimus formAnd paste in Azure form
SP Entity IDIdentifier (Entity ID)
Reply URL (Callback / ACS URL)Reply URL (Assertion Consumer Service URL)
Relay StateRelay State (Optional)

Open the Minimus SSO form in another browser tab. You can use this direct link or navigate as follows: Go to Manage > Users. Then click Configure SSO.

  1. Save the form.

4

Copy Azure attributes & claims to Minimus

  1. Select Edit for Step 2 - Attributes & Claims.

  2. You will see a table of the default claims.

  3. Copy the claim name for the user.mail and the user.userprincipalnameto the SAML Attribute Mapping section in the Minimus form.

    Azure Attribute NameSchema
    user.mailhttp://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
    user.userprincipalnamehttp://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
5

Download Base64 Certificate

  1. In Azure, continue to Step 3 - SAML Certificates.
  2. Download the Base64 Certificate.
  3. Open the certificate in notepad or another code viewer, and copy the code (including “-----BEGIN CERTIFICATE… and …END CERTIFICATE-----”).
  4. Copy the certificate to the Minimus SSO form.

6

Copy Azure Login URL to Minimus

  1. In Azure, continue to Step 4 - Set up Minimus.

  2. Copy the Azure Login URL to the Minimus SSO form.

Assign access in Azure

Grant Azure groups and/or users access to Minimus.

  1. In Azure, select Enterprise Applications.
  2. Select your Minimus App to open its details.
  3. Select Users and Groups from the left menu.
  4. Select Add user/group and follow the instructions on the page.

Troubleshooting SSO access

When copying the certificate to Minimus, make sure there is no whitespace before or after the certificate. Also, check that the expected prefix and suffix are included.

-----BEGIN CERTIFICATE-----

-----END CERTIFICATE-----