Microsoft (Azure) SSO

Set up a new Secret in AWS Secrets Manager

  1. Log in to the AWS account where you have deployed ZUS in the Cloud. Navigate to Secrets Manager and select Store a New Secret. Select Other type of secret. In the Key/value pairs section, create 3 keys for the following:
    username
    password


  2. Add the mfaType key with the value sms if you have set up SMS-based MFA. For SMS MFA, also add the phoneNumber key, including the country code. For example, if your 10-digit mobile number is 9876543210 and your country code is +1, set phoneNumber to +19876543210.


If mfaType is not provided, ZUS in the Cloud uses Microsoft Authenticator as the MFA method by default. To specify Microsoft Authenticator explicitly, set mfaType to authapp.

  3. Click Next at the bottom of the page.

  4. The Secret name should be Zilla_SSO_microsoft. It is case sensitive.

  5. Click Next at the bottom of this page and again on the following page.

  6. Review your Secret on the final page. After confirming, click Store.
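
As an added example (not Zilla's own code), this Python check validates a secret name and its key/value JSON against the steps above before you store it. It assumes sms and authapp are the only mfaType values and that phoneNumber is a plus sign followed by digits only; check_secret and the sample values are hypothetical.

```python
import json
import re

SECRET_NAME = "Zilla_SSO_microsoft"   # name from the page; case sensitive
REQUIRED = ("username", "password")
KNOWN = REQUIRED + ("mfaType", "phoneNumber")
MFA_TYPES = ("sms", "authapp")        # the two values the page names
# Assumed format: "+", country code, number, digits only (page: +19876543210)
PHONE_RE = re.compile(r"\+[1-9]\d{7,14}")


def check_secret(name, secret_string):
    """Return a list of problems; empty means the secret matches the steps.

    Messages name keys only, never values, so the output is safe to log.
    """
    problems = []
    if name != SECRET_NAME:
        problems.append(f"secret name must be exactly {SECRET_NAME}")
    try:
        data = json.loads(secret_string)
    except ValueError:
        data = None
    if not isinstance(data, dict):
        return problems + ["secret value is not a JSON object of key/value pairs"]
    for key in REQUIRED:
        if not isinstance(data.get(key), str) or not data[key].strip():
            problems.append(f"missing or empty key: {key}")
    # Assumption: keys are matched case sensitively, like the secret name.
    for key in data:
        for want in KNOWN:
            if key != want and key.lower() == want.lower():
                problems.append(f"key {key!r} should be spelled {want!r}")
    mfa = data.get("mfaType", "authapp")  # page: authenticator app is the default
    if mfa not in MFA_TYPES:
        problems.append("mfaType must be sms or authapp")
    elif mfa == "sms":
        phone = data.get("phoneNumber")
        if not isinstance(phone, str) or not PHONE_RE.fullmatch(phone):
            problems.append("sms MFA needs phoneNumber with country code")
    return problems


if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    sample = json.dumps({"username": "svc-zus@example.com", "password": "not-a-real-password",
                         "mfaType": "sms", "phoneNumber": "9876543210"})
    for problem in check_secret("zilla_sso_microsoft", sample):
        print("FAIL:", problem)
```
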

Set up your ZUS in the Cloud apps in Zilla to use SSO

  1. Now that your Secret has been successfully created in AWS Secrets Manager, configure your ZUS in the Cloud apps in Zilla to use it for authentication. For each app in Zilla, open the Integration Configuration window by clicking the gear icon in the top right.

    SSO Login via Okta/Google/OneLogin/Microsoft: indicates which SAML/SSO provider you will be using. Set the value to Microsoft. The values for the currently supported SAML/SSO providers are:

    • Okta

    • Google

    • OneLogin

    • Microsoft

    Name of the app card: indicates the configured SAML/SSO application. To find this value, log in to your Microsoft account, go to the Applications page, and locate the app that is being configured for ZUS in the Cloud with SAML/SSO in Zilla. For example, the image below shows the app card for Slack. The value highlighted is the value to enter into this field in Zilla.

    Login URL of the app: indicates the login page URL of the application you want to sync. Copy this value from the browser address bar after opening the application's login page.

    Selector (CSS/XPath) for the login button: indicates the selector for the Microsoft SSO button on the application's login page. This field is optional. ZUS in the Cloud tries to identify the Microsoft or Azure login button itself; if it cannot, provide the selector for the button.

  2. Click Sync Now. This will begin a ZUS in the Cloud sync which will use the SSO configuration that was set up in the previous steps.