SAML 2.0 group membership with azure

Description

After adding your SAML 2.0 domain in the SMA appliance add the following attribute in Azure in the "attributes and claims" under the saml based single sign on options.   Check the box "customize the name of a group claim"  Add the name Group in the required field.

Image

Next add the Group attribute in the SMA domain settings.  Edit your SAML 2.0 domain in the SMA and add "Group" to the group name field.

Image


Next add a group under users and groups.  Choose your SAML 2.0 domain, enter the name of an azure based group and save it.   Edit the group and browse to the "SAML Groups" tab.  Use the ID of the Azure AD group (xxxxx-xxxxx-xxxxx-xxxxx) instead of the group display name (this can be found editing a group in azure) 

Related Articles

  • SMA100 End of Support No-Charge Replacement FAQ
    Read More
  • SMA1000: Post upgrade to 12.5.0 on AWS and Azure, we show the error Could not retrieve the DNS settings once we log in to AMC/CMS console
    Read More
  • Firmware version required to upgrade to version 12.5.0.
    Read More

Categories

Secure Mobile Access
SMA 100 Series
not finding your answers?
Ask the Community