Versions Compared

Old Version 1

changes.mady.by.user Aadrian Zarin

Saved on

compared with

New Version Current

changes.mady.by.user Debanraj Ravindran

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents


English

SAML SSO Configuration Steps

1. Install Joget SAML Plugin and Obtain ACS URL

  1. Install the Joget SAML Plugin from the Joget Marketplace.
  2. In the Joget System Settings > General Settings, set API Domain Whitelist   to * (IMPORTANT NOTE: If this is not set, you will get a 400 Forbidden error when performing the SSO)
    Code Block
    themeEmacs
    titleImportant Note
    If this is not set, you will get a 400 Forbidden error when performing the SSO.
  3. In the Joget System Settings > Directory Manager, select the Joget SAML Plugin.
  4. In the Joget SAML Plugin configuration, copy the Entity ID and ACS URL. (IMPORTANT NOTE: Azure AD requires the ACS URL to be HTTPS so your Joget installation must be running under HTTPS )
     Image Removed

...


  1. Code Block
    titleImportant Note
    Azure AD requires the ACS URL to be HTTPS so your Joget installation must be running under HTTPS.

    Image Added

2. Configure Microsoft Entra ID for SAML

  1. Sign in to the Azure portal , and navigate  navigate to Azure Active Directory > Enterprise applications  
    Image Removed     Select New application, Non-gallery application, and > Browse Microsoft Entra Gallery > Create your own application. Name your application and select the Integrate any other application you don't find in the gallery () option and click Create to add an application. 
     Image RemovedImage Added
  2. Select Select the application, select Set up single sign-on, then select SAML
    Image Removed Image Added
    Image Added
  3. Under Basic SAML Configuration, select the Edit pencil icon and key in the Joget SAML SAML Identifier (Entity ID) and Reply URL (Assertion Consumer Service (ACS) URL) copied earlier, then Save
    Image Removed Image Added

  4. Edit User Attributes & Claims, and configure the claims

    Claim Name

    Value

    Unique User Identifier (Name ID)

    user.userprincipalname

    email

    user.mail

    User.FirstName

    user.givenname

    User.LastName

    user.surname

    Image RemovedImage Added

  5. Under SAML Signing CertificateCertificates, download the Certificate (Base64). This certificate file will be used to configure the Joget SAML Plugin later.
    Image RemovedImage Added

  6. Select the Users and groups menu item on the left, and add the users allowed to access Joget. You may add yourself to the listing so that you can test the login later.
    Image RemovedImage Added

3. Configure SAML IDP Certificate in the Joget SAML Plugin

  1. Open the downloaded certificate file and copy the contents into the IDP Certificate field in the Joget SAML Plugin configuration (NOTE: copy without the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- lines) 
    Image Removed
    Image Added

4. Configure Custom User Attributes

  1. Key in the values of the user attributes 

    Image Added

5. Test the SAML SSO

  1. Access the Azure My Apps Portal, click on the application, and select the user to perform the SSO. 
    Image RemovedImage Added
  2. If the SSO configuration is correct, the current user will be logged into Joget.


Source Code

This plugin source code is available in a new open source repository at https://github.com/jogetoss/. JogetOSS is a community-led team for open source software related to the Joget no-code/low-code application platform. Projects under JogetOSS are community-driven and community-supported, and you are welcome to contribute to the projects.

References

  1. https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/configure-single-sign-on-non-gallery-applications
  2. https://dev.joget.org/community/display/DX7/Joget+SharePoint+SSO+Integration

...