Aternity SSO integration with Azure(Azure AD groups).
Aternity SSO integration with Azure(Azure AD groups).
Login to the Azure portal and navigate to the enterprise application which was created for the SSO integration.
Verifying Basic SAML Configuration
Verify Group claim
If the group claim is missing or not added correctly, use the following steps to add the group claim
Federation Metadata XML will added in the Aternity portal
Go to users and groups
Verify from the 'Members' tab the user who is trying to access the Aternity portal is part of the Azure AD group
The object ID will be used in the Aternity portal. The object ID of the Azure AD group can be obtained from 'Overview' or 'Properties' tab.
On the Aternity portal, Cogwheel > Integration settings > Security -SSO
Verify the Group Name, Group Attribute and Group Value
In one of the customer cases, the Azure AD group name was added in the 'Group Value' field. So, the Aternity Azure AD SSO integration was not working. The group value should be the Object ID of the Azure AD group that was copied from the Azure portal.