Please ensure that you have gathered all the requirements needed for this section. If not, please visit the requirements documentation.
Only when all requirements have been met, you'll be able to enable AAD login for Digizuite products.
Digizuite Configuration
To configure AAD on the Digizuite side, open Media Manager and go into General settings → SSO
Once that page loads, select WsFederation in the drop-down. When pressed, some new fields will be loaded in the UI. They are as follows:
Template member ID (Optional)
If not set (i.e. set to 0), the user will be created with the default rights given to new users. (Usually the group "Trusted" is applied)
The ID can be found in the DAM Center in its "user" menu.
Insert the ID of a user you want SSO users to look like when they log in the first time. Please be aware that the new SSO users will get the default groups (Trusted by default, as mentioned before) in addition to the groups and roles they get from the template user
Group sync level
Check the tool-tips in MM for specifications about what the individual levels does.
Name
Next give the configuration a "name". This name is arbitrary and does not matter for usage, it's just for internal reference.
Next provide the "Metadata address" for the ADFS server.
It'll most likely look something like this: "https://login.microsoftonline.com/6e80d0d2-c049-4101-ad8d-8fd678b61299/federationmetadata/2007-06/federationmetadata.xml".
App ID
Provide the "App ID".
It'll probably look something like this: "api://0619b1d1-f2b9-4a72-8052-8772847f870f"
Lastly, save and press "activate".
When you see the page saying Latest is active, AAD is good to go.