Versions Compared
Key
- This line was added.
- This line was removed.
- Formatting was changed.
When all requirements have been met, you're now able to enable AAD login for the Digizuite.
Digizuite Configuration
To configure AAD on the Digizuite side, open Media Manager and go into Settings => SSO General settings → SSO
Image AddedImage Added
Once that page loads, select " WsFederation in the dropdown"
Configure a template member if required. If not configured for the SSO integration specifically, the general template member for the Digizuite will be used.
Configure "Group sync level". Check the tooltips drop-down. When pressed, some new fields will be loaded in the UI. They are as follows:
Template member ID (Optional)
If not set (i.e. set to 0), the user will be created with the default rights given to new users. (Usually the group "Trusted" is applied)
The ID can be found in the DAM Center in its "user" menu.
Insert the ID of a user you want SSO users to look like when they log in the first time. Please be aware that the new SSO users will get the default groups (Trusted by default, as mentioned before) in addition to the groups and roles they get from the template user
Group sync level
Check the tool-tips in MM for specifications about what the individual levels does.
Name
Next give the configuration a "name". This name is arbitrary and does not matter for usage, it's just for internal reference.
Metadata address
Next provide the "Metadata address" for the ADFS server. It probably looks
It'll most likely look something like this: "https://login.microsoftonline.com/6e80d0d2-c049-4101-ad8d-8fd678b61299/federationmetadata/2007-06/federationmetadata.xml". Next provide
App ID
Provide the "App ID".
It'll probably looks look something like this: "api://0619b1d1-f2b9-4a72-8052-8772847f870f"
Next press "save".
Last Lastly, save and press "activate". Once
When you see the page changes to say "saying Latest is active", then AAD should be is good to go.
Table of Contents |
---|