Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

When all requirements have been met, you're now able to enable AAD login for the Digizuite. 

Digizuite Configuration

To configure AAD on the Digizuite side, open Media Manager and go into Settings => SSO General settings → SSO

Image AddedImage Added

Once that page loads, select " WsFederation in the dropdown"

Configure a template member if required. If not configured for the SSO integration specifically, the general template member for the Digizuite will be used. 

Configure "Group sync level". Check the tooltips drop-down. When pressed, some new fields will be loaded in the UI. They are as follows:

Template member ID (Optional)

If not set (i.e. set to 0), the user will be created with the default rights given to new users. (Usually the group "Trusted" is applied)

The ID can be found in the DAM Center in its "user" menu.

Insert the ID of a user you want SSO users to look like when they log in the first time. Please be aware that the new SSO users will get the default groups (Trusted by default, as mentioned before) in addition to the groups and roles they get from the template user

Group sync level

Check the tool-tips in MM for specifications about what the individual levels does. 

Name

Next give the configuration a "name". This name is arbitrary and does not matter for usage, it's just for internal reference. 

Metadata address

Next provide the "Metadata address" for the ADFS server. It probably looks

It'll most likely look something like this: "https://login.microsoftonline.com/6e80d0d2-c049-4101-ad8d-8fd678b61299/federationmetadata/2007-06/federationmetadata.xml"Next provide

App ID

Provide the "App ID".

It'll probably looks look something like this: "api://0619b1d1-f2b9-4a72-8052-8772847f870f" 

Next press "save". 


Last Lastly, save and press "activate". Once

When you see the page changes to say "saying Latest is active", then AAD should be is good to go. 

Table of Contents