Azure SSO Setup Guide

In this document you will find instructions on how to configure and setup Single Sign-on (SAML) integration with ​Microsoft Azure

 

In this document, you will find instructions on how to configure and setup Single Sign-on (SAML) integrations with ​Microsoft Azure

Microsoft Azure Logging In

Visit the Azure Active Directory ​https://azure.microsoft.com/en-us/services/active-directory/​ and Login using your Microsoft account.

After signing in you’ll be at the Azure dashboard.

 

Find the Application
Next, you’ll need to find the ​Curricula SAML​ application in the Active Directory. Once logged

into the dashboard click on ​Azure Active Directory​ in the left menu.

Next, you’ll need to click on the ​Enterprise applications​ button.

On the next page you’ll want to click ​All applications​. On that page you will see a search box where you can search for ​Curricula SAML

Once you find the Curricula SAML application, select it from the list.


Configure the Sign-on URL

 

Next, we need to sign-in to Curricula and create a new Group (which will allow us to enable Single Sign-on for that particular group of users). Visit ​https://mycurricula.com/login​, and login. Then, navigate to the ​Settings --> Learners --> then scroll down to the Group​ section and click on the ​purple 'Create Group' ​button:

Azure SSO New Group

Give your Group a unique name and description and then click '​Create'.

Azure SSO 2

After creating this new group, you will now have access to some more information about that group by selecting 'Edit' on that Group. Click on the '​Access'​ tab and then from the Authentication Type​ dropdown select S​AML Single Sign-on​ and click ​Update​.

Azure SSO 3

After you click on Update, you’ll see a few new fields displayed below. One of them is Service Provider Sign In URL.

Azure SSO 4

Copy that URL and let's jump back over to the Azure Directory.

Back in the Azure Directory, we need to configure single sign-on for the Curricula application. Click on the Single sign-on button in the left hand menu. Then click the edit button in the ​Basic SAML Configuration​ block.

On the Basic SAML Configuration section, enter the URL that you copied from the Curricula Group page into the following fields:

After updating those fields click on the Save button.

Finally, we need to add the Microsoft Azure Sign-on URL to our Group page. Back at the Single Sign-on page, click on the properties option on the side, and copy the User access URL.

Then, jump back over to Curricula and add that URL in the ​Identity Provider Single Sign-on URL ​field:

Azure SSO 5

Adding the Certificate

Finally, in order for our application to talk to the Identity Service Provider we need to add a unique certificate to our user group. (you can think of this kind of like a password. In order for Curricula to talk to Microsoft Azure the password or certificate needs to be verified)

Let’s not overcomplicate things, it’s a simple copy & paste and that’s all you’ll need to do with the certificate

Head back over to the Curricula SAML application in Azure Active Directory and in step 3 (SAML Signing Certificate) you will need to download the ​Certificate (Base64)​ file. Click on the Download link next to this label.

After downloading that file you will need to open it up in a Plain Text editor and you’ll see the contents of that file look similar to this:

-----BEGIN CERTIFICATE-----

REALLYLONGSTRING-THATDOESNTMAKESENSE THISISTHESCERTIFICATEORPASSWORDYOUWIL LNEEDTOCOPYANDPASTEINTOCURRICULA

-----END CERTIFICATE-----

So, make sure to copy the contents of that whole string and then jump back over to Curricula and paste that into the ​Identity Provider X.509 Certificate​ field, and click ​Update​:

Azure SSO 6

(Note: after clicking update the field will probably go blank again, don’t worry it saved the Certificate string, it’s just not displaying it for security purposes)

Next, we can move on to testing our Single Sign-on functionality.

 


Testing Single Sign-on

Go back to the Curricula SAML application where you can scroll to the bottom and click on the blue Test​ button.

Once this is successful, users in your group will now have access to Curricula via SAML!