Prepare the SSO form in Minimus
-
Open the Minimus SSO form. You can use this direct link or navigate as follows: Go to Manage > Users. Then click Configure SSO.
Keep this form open and available in another browser tab as you configure the SAML app in Azure.
-
The form has 3 parts:
- Configure Minimus as a custom app in your identity provider - You will copy these parameters from Minimus to Azure in the next steps.
- SP Entity ID
- Reply URL (Callback / ACS URL)
- Relay State (optional) - If you leave the Relay State blank, users will only be able to login with SSO from the Minimus homepage.
- Connect Minimus to your identity provider - You will fetch these parameters from your Azure custom app and save them to the Minimus form.
- Login SSO URL
- IdP Entity ID
- Certificate
- SAML Attribute Mapping - Azure uses the standard AD claim formats. Copy the relevant schema for each parameter as shown below:
Minimus Parameter Azure Attribute Name Schema Email user.mail http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress Full Name user.userprincipalname http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name - Configure Minimus as a custom app in your identity provider - You will copy these parameters from Minimus to Azure in the next steps.
Add Minimus as a custom app under Azure Enterprise Applications
1
Create a Minimus application in Azure
- The first step is to create the Minimus App in Azure and link it to your Minimus Console. Go to Enterprise Applications to begin.
- Select the option New application.
- In the top bar, select the option to Create your own application.
- Name the application. (We’ll assume the name Minimus App was used for the rest of this guide.)
- Select the option to Integrate any other application you don’t find in the gallery (Non-gallery).
- Click Create.
- Wait for the success confirmation. It may take a minute or so.
2
Copy Azure entity ID to Minimus
- You will be automatically navigated to the Minimus App overview page.
-
Copy the Azure Application ID to the IdP Entity ID in the Minimus form.
3
Configure the SAML app
Select Single sign-on from the left menu, then select SAML.
- Select Edit for Step 1 - Basic SAML Configuration.\
- Copy the following from the Minimus SSO form to Azure:
| To copy from Minimus form | And paste in Azure form |
|---|---|
| SP Entity ID | Identifier (Entity ID) |
| Reply URL (Callback / ACS URL) | Reply URL (Assertion Consumer Service URL) |
| Relay State | Relay State (Optional) |
-
Save the form.
4
Copy Azure attributes & claims to Minimus
This step repeats the instructions for the previous step - Prepare the SSO form in Minimus.If you haven’t already done so, copy the relevant schema to the SAML Attribute Mapping section in the Minimus SSO form as shown below.
- Select Edit for Step 2 - Attributes & Claims.
- You will see a table of the default claims.
- Copy the schema for the
user.mailand theuser.userprincipalnameto the Minimus form.
| Minimus Parameter | Azure Attribute Name | Schema |
|---|---|---|
| user.mail | http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress | |
| Full Name | user.userprincipalname | http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name |
5
Download Base64 Certificate
- In Azure, continue to Step 3 - SAML Certificates.
- Download the Base64 Certificate.
- Open the certificate in notepad or another code viewer, and copy the code (including “-----BEGIN CERTIFICATE… and …END CERTIFICATE-----”).
-
Copy the certificate to the Minimus SSO form.
6
Copy Azure Login URL to Minimus
- In Azure, continue to Step 4 - Set up Minimus.
-
Copy the Azure Login URL to the field Login SSO URL in the Minimus SSO form.
7
Save the Minimus SSO form
You are now ready to save the SSO configuration form in Minimus to complete the configuration.
Assign access in Azure
Grant Azure groups and/or users access to Minimus.- In Azure, select Enterprise Applications.
- Select your Minimus App to open its details.
- Select Users and Groups from the left menu.
- Select Add user/group and follow the instructions on the page.
