Setup of SAML and SCIM for Azure

About

Users of Azure can integrate with Insightly via SAML & SCIM and once setup has occurred in both Insightly and Azure, users can be provisioned. The process defined in this article will guide Insightly System Admins through the process up SAML & SCIM setup for Azure; this process works in tandem with the setup of SAML and SCIM within Insightly as detailed in the Setting Up SAML and SCIM Integrations article. 

Step 1: Add a New Enterprise Application in Azure

  1. Navigate to the Azure Portal: 
    https://portal.azure.com/#view/Microsoft_AAD_IAM/StartboardApplicationsMenuBlade/~/AppAppsPreview/menuId~/null
  2. Select New Application.
  3. In the search bar, type Insightly SAML.

  4. Choose Insightly SAML from the results and click Create.
    A screenshot of a computer Description automatically generated

Step 2: Configure SAML Single Sign-On (SSO)

  1. In the Enterprise Application menu, navigate to Single sign-on.

  2. Choose SAML as the single sign-on method.
    A screenshot of a sign-on application Description automatically generated

Basic SAML Configuration:

  1. Click Edit next to Basic SAML Configuration.A screenshot of a computer Description automatically generated

  2. Copy the following SAML login URL from Insightly CRM Application:

    https://crm.na1.insightly.com/settings/Saml or Within Insightly, go to System Settings > Security > SAML and SCIM, copy the Sign-in page URL field. A screenshot of a computer Description automatically generated

  3. Paste this URL into both fields:

    • Identifier (Entity ID)

    • Reply URL (Assertion Consumer Service URL)

SAML Certificate Configuration:

  1. Download the SAML Certificate from Azure in either Base64 or Federation Metadata XML format. Base64 is recommended.A screenshot of a computer Description automatically generated

  2. Go to the SAML settings page in Insightly

    https://crm.na1.insightly.com/settings/Saml

  3. Upload the certificate or the metadata. Only one is needed.

  4. Click Save button to apply the changes.(For configuration of SAML within Insightly, the Setting Up SAML & SCIM Integrations article can be reviewed.)

A screenshot of a computer Description automatically generated

Step 3. Configure SCIM

Enable SCIM Provisioning in Insightly:

  1. On the SAML configuration page in Insightly, check the box for Enable SCIM Provisioning and press Save. 
  2. This will generate an auth token and reveal the SCIM endpoint.A screenshot of a computer Description automatically generated

Enable SCIM Provisioning in Azure:

  1. In Azure, navigate to the Provisioning section for the appA screenshot of a computer Description automatically generated.
  2. Click Get Started.A screenshot of a computer Description automatically generated
  3. From the From the Provisioning Mode dropdown, select Automatic.A screenshot of a login page Description automatically generated
  4. Paste the Tenant URL and Secret Token from Insightly into the corresponding fields.A screenshot of a computer Description automatically generated

  5. Press Test Connection.A screenshot of a computer Description automatically generated

  6. If successful, a notification will appear in the top-right corner.A white background with black text Description automatically generated

  7. Click Save to complete the setup.A screenshot of a computer Description automatically generated

  8. On the Provisioning screen, click Start ProvisioningA screenshot of a computer Description automatically generated

Step 4: Assign Users and Manage Provisioning

  1. SAML and SCIM are now set up.
  2. You can assign users to the app by navigating to the Users and Groups section in Azure.A screenshot of a computer Description automatically generated
  3. User Provisioning occurs on a scheduled basis, so new users may not immediately appear in Insightly. You can manually trigger provisioning via the Provision on demand option if necessary.A screenshot of a computer Description automatically generated









Was this article helpful?