Edit

Setting Up SSO-SSL with the Aisera Admin UI and Azure AD (Microsoft Entra ID) Portal

This topic contains the following sections:

Create SAML SSO on app using the Azure AD portal

  1. Sign in to the Azure portal using either a work or school account, or a personal Microsoft account.

  2. Select the Microsoft Entra ID service.

  3. From the left navigation menu on the Directory Overview window, open the Manage option and select Enterprise Applications

  4. Navigate to Enterprise applications and then select All Applications

  5. To add a new application, select New Application

  6. Name your new application.

  1. Select Integrate any other application you don't find in the gallery (non-gallery).

  2. Choose Next.

  1. In the left navigation menu in your application Overview window, open the Manage option and choose Single sign-on.

  2. On the Select a single sign-on method page, select SAML.

Basic SAML Parameters

Name

Description

Identifier (Entity ID)

This should be the URL for your Aisera tenant: https://<company_name>.login.aisera.cloud

Reply URL (Assertion Consumer Service URL)

This is tenant url + /aisera/ssoLoginCallback:

https://<company_name>.login.aisera.cloud/aisera/ssoLoginCallback

Default RelayState

The default relay state used to access the Admin UI from the Idp portal is the same as your Aisera tenant URL:

https://<company_name>.login.aisera.cloud

Primary attributes

The user email address should be returned as the primary attribute.

Secondary attributes

The full name of the user should be returned as a value of the key name.

The following screenshot is an example of a Basic SAML configuration for the Aisera Admin UI in the Azure AD Portal. If you are create a SAML Configuration for webchat, replace login in the examples below with chatbot. See also Webchat SSO-SAML and OAuth2-SSO Integration with Auth0.

Copy or download values from the Active Directory

  • Certificate (Base64)

  • Login URL

  • Logout Url

Configure SSO Authentication in the Aisera Admin UI

  1. In the Aisera Admin UI, navigate to Settings > Configuration > Authentication > Select SSO Authentication

NOTE: Many of these configuration parameters require your Aisera tenant URL. Use the tenant URL that you received from your Aisera team, even if it is slightly different from the one in these examples, such as: https://<company_name>.login.aisera.net.

Login URL

This should be the URL for your Aisera tenant: https://<company_name>.login.aisera.cloud

ACS URL

This is the tenant url + /aisera/ssoLoginCallback:

https://<company_name>.login.aisera.cloud/aisera/ssoLoginCallback

Logout URL

This should be the URL for your Aisera tenant: https://<company_name>.login.aisera.clou

Issuer

This should be the URL for your Aisera tenant: https://<company_name>.login.aisera.cl

Skip Compression

If checked, the SAML request from the service provider will not be compressed. Most of the time, this should be unchecked, but it needs to be checked for some versions of Microsoft AD SSO.

If you are using Azure AD and you get an invalid request error, try the request again after unchecking this box.

x509 certificate

Copy and paste the content of your certificate here.

Admin UI only extra fields

Separate Window

For most configurations, this should be unchecked. It should only be checked if the Idp is configured to support HTTP Redirect only, and not HTTP POST.

PreviousSetting Up SSO AuthenticationNextTenant Configuration Settings

Last updated

Was this helpful?