Azure Integration

In this document, we show how to configure user provisioning and Single Sign-On between a Microsoft Entra ID tenant and a Base-B account.


The document assumes that you are already using Microsoft Office 365 ID or Microsoft Entra ID in your organization and want to use Microsoft Entra ID to allow users to authenticate with Base-B. Microsoft Entra ID itself can be connected to an on-premises Active Directory and use Entra ID federation, pass-through authentication, or password hash synchronization.


Contents


  • Requirements
  • Configuration Steps
  • Known Issues/Troubleshooting


Requirements


User provisioning based on the SCIM protocol and Single Sign-On via SAML are only available for paying customers on Base-B.


Refer to the Microsoft Entra ID pricing page to see the applicable fees for using Microsoft Entra ID.


Configuration Steps


Configure the provisioning functionality and single sign-on as follows.


Enable Single Sign-On functionality


In Microsoft Azure


In Microsoft Azure, under Enterprise Applications, you will need to follow these steps:


  1. Click the “New Application” button



  1. Search for Base-B and select the Base-B application



  1. Once the application is added, go to the Single Sign-On page


  1. In step 1 (Basic SAML Configuration), fill in the fields:



  1. In step 3 (SAML Certificates), click edit and then select the option “Sign SAML response and assertion” and click save



  1. Download and copy the content of the certificate available in step 3 (SAML Certificates)


In Base-B


  1. In Settings > Integrations > Applications, select the Microsoft Azure integration



  1. A screen will be presented which should be filled out as instructed below:
  • In the certificate field, enter the certificate downloaded from "SAML Certificates" in Microsoft Azure
  • In the Audience field, enter the Identifier provided in the "Basic SAML Configuration" of Microsoft Azure



  1. After clicking "Save," an API Key will be provided. Click copy to use it for user provisioning



Enable User Provisioning functionality


In Microsoft Azure


  1. Go to the Provisioning page


  1. Click "Edit Provisioning"



  1. Go to the "Admin Credentials" tab and fill in the fields:
  • In the "Tenant URL" field, enter the Base-B URL "https://api.baseb.app/scim/v2/"
  • In the "Secret Token" field, enter the API Key.


  1. Click "Save"


Known Issues/Troubleshooting


If you have questions or difficulties with the Base-B/Microsoft Azure integration, contact Base-B support via suporte@baseb.com.br

Updated on: 12/13/2024

Was this article helpful?

Share your feedback

Cancel

Thank you!