Microsoft (Azure) SSO
Set up a new secret in AWS Secrets Manager
Log in to the AWS account where you have deployed ZUS in the Cloud. Navigate to Secrets Manager and select Store a New Secret. Select Other type of secret. In the Key/value pairs section, create 3 keys for the following:
username
password
Add the mfaType as sms if you have set up SMS-based MFA. For sms MFA, also add the phoneNumber, including the country code. For example, if your 10-digit mobile number is 9876543210 and your country code is +1, add the phoneNumber as +19876543210.
If mfaType is not provided, ZUS in the Cloud uses Microsoft Authenticator as the MFA method by default. To explicitly set the mfaType to Microsoft Authenticator or a third-party authenticator, use the value authapp.
Add the mfaSecret if your Microsoft application has TOTP-based MFA and you want Zilla to generate the token automatically. The value of this field is the secret copied when setting up MFA for the first time, normally shown below the QR code that Microsoft Authenticator or a third-party authenticator scans to generate OTPs.
Click Next at the bottom of the page.
The Secret name should be Zilla_SSO_microsoft. It is case sensitive.
Click Next at the bottom of the page and the following page.
Review your Secret on the final page. After confirming, click Store.
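A pre-flight check for the key/value pairs described above, as an added example that is not Zilla's own code: it validates the secret name and keys against the rules on this page and confirms that mfaSecret actually yields a one-time code. It assumes mfaSecret is the Base32 secret of a standard RFC 6238 TOTP (HMAC-SHA1, 30-second step, 6 digits) and that phoneNumber follows E.164; the function names validate_secret and totp and the sample values are constructed for illustration.

```python
import base64, hashlib, hmac, re, struct

SECRET_NAME = "Zilla_SSO_microsoft"   # from the page; case sensitive
MFA_TYPES = {"sms", "authapp"}        # values named on the page

def totp(secret_b32, unix_time, step=30, digits=6):
    """RFC 6238 code (HMAC-SHA1), as an authenticator app derives it from the setup secret."""
    s = secret_b32.replace(" ", "").upper()
    if not s:
        raise ValueError("empty secret")
    key = base64.b32decode(s + "=" * (-len(s) % 8))   # raises ValueError if not Base32
    counter = struct.pack(">Q", int(unix_time) // step)
    digest = hmac.new(key, counter, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F                        # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def validate_secret(name, kv):
    """Return a list of problems; an empty list means the key/value pairs follow the page."""
    problems = []
    if name != SECRET_NAME:
        problems.append(f"secret name must be exactly {SECRET_NAME}")
    for key in ("username", "password"):
        if not kv.get(key):
            problems.append(f"{key} is missing or empty")
    mfa_type = kv.get("mfaType", "authapp")           # page: authenticator app is the default
    if mfa_type not in MFA_TYPES:
        problems.append("mfaType must be sms or authapp")
    # Assumption: country code plus number in E.164 form, e.g. +19876543210
    if mfa_type == "sms" and not re.fullmatch(r"\+[1-9]\d{6,14}", kv.get("phoneNumber", "")):
        problems.append("sms MFA needs phoneNumber with country code")
    if "mfaSecret" in kv:
        try:
            totp(kv["mfaSecret"], 0)                  # proves the secret decodes and yields a code
        except ValueError:
            problems.append("mfaSecret is not a valid Base32 TOTP secret")
    return problems

# Constructed sample values, not real credentials
SAMPLE = {"username": "svc-zilla@example.com", "password": "constructed-password",
          "mfaType": "authapp", "mfaSecret": "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"}

if __name__ == "__main__":
    print(validate_secret(SECRET_NAME, SAMPLE) or "secret layout OK")
    print("TOTP at t=59:", totp(SAMPLE["mfaSecret"], 59))
```

Comparing the generated code with the one shown by the authenticator app at the same moment confirms the copied secret is the right one before a sync depends on it.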
Set up your ZUS in the Cloud apps in Zilla to use SSO
Now that your Secret has been successfully created in AWS Secrets Manager, the next steps are to configure your ZUS in the Cloud apps in Zilla to use this for authenticating. For each app in Zilla, open the Integration Configuration window by clicking on the gear icon in the top right.
SSO Login via Okta/Google/OneLogin/Microsoft: Indicates which SAML/SSO provider you will be using. Enter the value Microsoft. The values for the currently supported SAML/SSO providers are:
Okta
Google
OneLogin
Microsoft
Name of the app card: Indicates the configured SAML/SSO application. To retrieve this value, log in to your Microsoft Account, go to the Applications page, and locate the app that is being configured for ZUS in the Cloud with SAML/SSO in Zilla. For example, the image below shows the app card for Slack. The value highlighted is the value to enter into this field in Zilla.
Login URL of the app: Indicates the login page URL of the application we want to sync. This value can be taken from the browser address bar after going to the login page of the application.
Selector (CSS/XPath) for the login button: Indicates the selector for the Microsoft SSO button on the login page of the application. This is an optional field. ZUS in the Cloud tries to identify the Microsoft or Azure login button; if it cannot, provide the selector for the button.
Click Sync Now. This will begin a ZUS in the Cloud sync which will use the SSO configuration that was set up in the previous steps.