Configure Single Sign On Using Microsoft Azure
Add Lifesize from the gallery
- Log in to portal.azure.com (Azure classic portal), and on the left navigation pane, click Active Directory.
- From the Directory list, select the directory for which you want to enable directory integration.
- To open the applications view, in the directory view click Applications in the top menu.
- Click Add at the bottom of the page.
- On the What do you want to do dialog, click Add an application from the gallery.
- In the search box, type Lifesize Cloud.
- In the results pane, select Lifesize Cloud, and then click Complete to add the application.
To configure Azure AD Single Sign On with the Lifesize cloud-based service, perform the following steps:
- In the classic portal, on the Lifesize Cloud application integration page, click Configure single sign-on to open the Configure Single Sign-On dialog.
- On the How would you like users to sign on to Lifesize Cloud page, select Azure AD Single Sign-On, and then click Next.
- On the Configure App Settings dialog page, perform the following steps:
- In the Sign On URL text box, type the URL used by your users to sign on to your Lifesize app using the following pattern: https://login.lifesizecloud.com/ls/?acs
- Click Next.
- On the Configure single sign-on at Lifesize Cloud page, perform the following steps:
- Click Download certificate, and then save the file on your computer.
- Click Next.
To get SSO configured for your application, login into the Lifesize app with admin privileges
- In the top right corner, click on your name and then click Advanced Settings.
- Click SSO Configuration. This will open the SSO Configuration page for your instance. Configure the following values in the SSO configuration UI.
- Copy the value of Issuer URL from Azure AD, and paste that in Identity Provider Issuer text box.
- Copy the value of Remote Login URL from Azure AD, and paste that in Login URL text box.
- Open the downloaded certificate in Notepad. Copy the content of certificate, excluding the Begin Certificate and End Certificate lines, and paste this in the X.509 Certificate text box.
- In the SAML Attribute mapping for the First Name text box, enter the value as http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname
- In the SAML Attribute mapping for the Last Name text box, enter the value as http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname
- In the SAML Attribute mapping for the Email text box, enter the value as http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
- To check the configuration you can click on the Test button.
- Click Test, and you should see a successful SSO configuration message.
- Select the checkbox to Enable SSO, and click Update. Log out and log back in to the account using SSO.
For more information, refer to the Microsoft Tutorial.