Tutorial: Azure Active Directory integration with PageDNA

In this tutorial, you learn how to integrate PageDNA with Azure Active Directory (Azure AD).

Integrating PageDNA with Azure AD provides you with the following benefits:

  • In Azure AD, you can control who has access to PageDNA.
  • You can enable your users to be automatically signed in to PageDNA (single sign-on) with their Azure AD accounts.
  • You can manage your accounts in one central location: the Azure portal.

For details about software as a service (SaaS) app integration with Azure AD, see What is application access and single sign-on with Azure Active Directory?.

Prerequisites

To configure Azure AD integration with PageDNA, you need the following items:

  • An Azure AD subscription. If you don't have an Azure subscription, create a free account before you begin.
  • A PageDNA subscription with single sign-on enabled.

Scenario description

In this tutorial, you configure and test Azure AD single sign-on in a test environment and integrate PageDNA with Azure AD.

PageDNA supports the following features:

  • SP-initiated single sign-on (SSO).

  • Just-in-time user provisioning.

Add PageDNA from the Azure Marketplace

To configure the integration of PageDNA into Azure AD, you need to add PageDNA from the Azure Marketplace to your list of managed SaaS apps:

  1. Sign in to the Azure portal.

  2. In the left pane, select Azure Active Directory.

    The Azure Active Directory option

  3. Go to Enterprise Applications, and then select All Applications.

    The Enterprise applications pane

  4. To add a new application, select + New application at the top of the pane.

    The New application option

  5. In the search box, enter PageDNA. In the search results, select PageDNA, and then select Add to add the application.

    PageDNA in the results list

Configure and test Azure AD single sign-on

In this section, you configure and test Azure AD single sign-on with PageDNA based on a test user named Britta Simon. For single sign-on to work, you must establish a link between an Azure AD user and the related user in PageDNA.

To configure and test Azure AD single sign-on with PageDNA, you need to complete the following building blocks:

  1. Configure Azure AD single sign-on to enable your users to use this feature.
  2. Configure PageDNA single sign-on to configure the single sign-on settings on the application side.
  3. Create an Azure AD test user to test Azure AD single sign-on with Britta Simon.
  4. Assign the Azure AD test user to enable Britta Simon to use Azure AD single sign-on.
  5. Create a PageDNA test user so that there's a user named Britta Simon in PageDNA who's linked to the Azure AD user named Britta Simon.
  6. Test single sign-on to verify whether the configuration works.

Configure Azure AD single sign-on

In this section, you enable Azure AD single sign-on in the Azure portal.

To configure Azure AD single sign-on with PageDNA, take the following steps:

  1. In the Azure portal, on the PageDNA application integration page, select Single sign-on.

    Configure single sign-on option

  2. In the Select a single sign-on method pane, select SAML/WS-Fed mode to enable single sign-on.

    Single sign-on select mode

  3. On the Set up Single Sign-On with SAML pane, select Edit (the pencil icon) to open the Basic SAML Configuration pane.

    Edit Basic SAML Configuration

  4. In the Basic SAML Configuration pane, take the following steps:

    PageDNA domain and URLs single sign-on information

    1. In the Sign on URL box, enter a URL by using one of the following patterns:

      https://stores.pagedna.com/<your site>
      https://<your domain>
      https://<your domain>/<your site>
      https://www.nationsprint.com/<your site>
    2. In the Identifier (Entity ID) box, enter a URL by using one of the following patterns:

      https://stores.pagedna.com/<your site>/saml2ep.cgi
      https://www.nationsprint.com/<your site>/saml2ep.cgi

    Note

    These values aren't real. Update these values with the actual sign-on URL and identifier. To get these values, contact the PageDNA support team. You can also refer to the patterns shown in the Basic SAML Configuration pane in the Azure portal.

  5. In the Set up Single Sign-On with SAML pane, in the SAML Signing Certificate section, select Download to download Certificate (Raw) from the given options and save it on your computer.

    The Certificate (Raw) download option

  6. In the Set up PageDNA section, copy the URL or URLs that you need:

    • Login URL
    • Azure AD Identifier
    • Logout URL

    Copy the configuration URLs

Configure PageDNA single sign-on

To configure single sign-on on the PageDNA side, send the downloaded Certificate (Raw) and the appropriate copied URLs from the Azure portal to the PageDNA support team. The PageDNA team will make sure the SAML SSO connection is set properly on both sides.

Create an Azure AD test user

In this section, you create a test user in the Azure portal named Britta Simon.

  1. In the Azure portal, in the left pane, select Azure Active Directory > Users > All users.

    The Users and "All users" options

  2. At the top of the screen, select + New user.

    New user option

  3. In the User pane, do the following steps:

    The User pane

    1. In the Name box, enter BrittaSimon.

    2. In the User name box, enter BrittaSimon@<yourcompanydomain>.<extension>. For example, BrittaSimon@contoso.com.

    3. Select the Show password check box, and then write down the value that's displayed in the Password box.

    4. Select Create.

Assign the Azure AD test user

In this section, you enable Britta Simon to use Azure single sign-on by granting her access to PageDNA.

  1. In the Azure portal, select Enterprise applications > All applications > PageDNA.

    Enterprise applications pane

  2. In the applications list, select PageDNA.

    PageDNA in the applications list

  3. In the left pane, under MANAGE, select Users and groups.

    The "Users and groups" option

  4. Select + Add user, and then select Users and groups in the Add Assignment pane.

    The Add Assignment pane

  5. In the Users and groups pane, select Britta Simon in the Users list, and then choose Select at the bottom of the pane.

  6. If you're expecting a role value in the SAML assertion, then in the Select Role pane, select the appropriate role for the user from the list. At the bottom of the pane, choose Select.

  7. In the Add Assignment pane, select Assign.

Create a PageDNA test user

A user named Britta Simon is now created in PageDNA. You don't have to do anything to create this user. PageDNA supports just-in-time user provisioning, which is enabled by default. If a user named Britta Simon doesn't already exist in PageDNA, a new one is created after authentication.

Test single sign-on

In this section, you test your Azure AD single sign-on configuration by using the My Apps portal.

When you select PageDNA in the My Apps portal, you should be automatically signed in to the PageDNA subscription for which you set up single sign-on. For more information about the My Apps portal, see Access and use apps on the My Apps portal.

Additional resources