Microsoft Azure SSO SAML Integration

SimpleMDM integrates with Microsoft Azure using the Security Assertion Markup Language (SAML) standard. This guide explains how to designate an Azure account as a trusted identity provider (IdP) for authenticating administrators of your SimpleMDM account.

As the Microsoft Azure user interface may change, this guide has been written to provide a general process for getting up and running.

In SimpleMDM:

  1. Navigate to Settings > Users.
  2. Click the 'Settings' tab.
  3. Under the 'Single Sign On with SAML' section, select "Yes" to enable SAML.
  4. In the Short Name field, enter your company name (must be one word - no spaces or special characters).
  5. Click 'Save'. The fields under 'SimpleMDM Information' will automatically populate.

In Azure:

  1. Navigate to Enterprise Applications.
  2. Click 'Add a non-gallery application'.
  3. Select 'Single sign-on'.
  4. Select 'SAML'.
  5. Copy the value in the Audience field in SimpleMDM and enter it in the Identifier (Entity ID) field in the Azure settings.
  6. Copy the 'SimpleMDM SAML Consumer URL' from SimpleMDM and enter it in the 'Reply URL' field in Azure.
  7. Copy the 'SimpleMDM Single Logout URL' from SimpleMDM and enter it in the 'Logout URL' field in Azure.

Back in SimpleMDM:

  1. Copy the 'Login URL' value from Azure and enter it in the 'Endpoint URL' field in SimpleMDM.
  2. Copy the 'Thumbprint' value from Azure and enter it in the 'X.509 fingerprint or certificate' field in SimpleMDM.
  3. Copy the 'Logout URL' value from Azure and enter it in the 'Single Logout URL' field in SimpleMDM.
  4. Save the settings.

Once complete, test the connection in the Azure settings to ensure the setup was successful.
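
The thumbprint entered in the 'X.509 fingerprint or certificate' field determines which signing certificate is trusted, so it is worth confirming that the pasted value matches the certificate itself. The following is an added example, not part of SimpleMDM's or Microsoft's documentation. It assumes the signing certificate is available as PEM text and that the thumbprint is the SHA-1 or SHA-256 hex digest of the certificate's DER encoding; the function names and sample data are constructed for illustration.

```python
import base64
import hashlib
import hmac
import re

PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)


def pem_to_der(pem_text):
    """Return the DER bytes of the first certificate in a PEM string."""
    match = PEM_RE.search(pem_text)
    if not match:
        raise ValueError("no PEM certificate block found")
    return base64.b64decode("".join(match.group(1).split()), validate=True)


def normalize(thumbprint):
    """Strip colons, spaces and case differences from a pasted thumbprint."""
    cleaned = re.sub(r"[\s:]", "", thumbprint).upper()
    if not re.fullmatch(r"[0-9A-F]+", cleaned):
        raise ValueError("thumbprint contains non-hex characters")
    return cleaned


def thumbprint_matches(pem_text, pasted):
    """True if `pasted` equals the SHA-1 or SHA-256 digest of the certificate."""
    der = pem_to_der(pem_text)
    wanted = normalize(pasted)
    # Digest length picks the algorithm: 40 hex chars = SHA-1, 64 = SHA-256.
    algos = {40: hashlib.sha1, 64: hashlib.sha256}
    if len(wanted) not in algos:
        raise ValueError("unexpected thumbprint length: %d" % len(wanted))
    actual = algos[len(wanted)](der).hexdigest().upper()
    return hmac.compare_digest(actual, wanted)


# Constructed sample: placeholder bytes wrapped as PEM, not a real certificate.
SAMPLE_DER = b"constructed placeholder, not a real X.509 certificate"
SAMPLE_PEM = ("-----BEGIN CERTIFICATE-----\n"
              + base64.encodebytes(SAMPLE_DER).decode()
              + "-----END CERTIFICATE-----\n")

if __name__ == "__main__":
    good = hashlib.sha1(SAMPLE_DER).hexdigest()
    print(thumbprint_matches(SAMPLE_PEM, good))       # True
    print(thumbprint_matches(SAMPLE_PEM, "00" * 20))  # False
```

A mismatch means the pasted value belongs to a different certificate than the one checked, which would cause signed assertions to be rejected or, worse, the wrong signer to be trusted.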