Instruction on this page is valid for the SaaS Management Product (SMP) product only. If you want to implement a single sign-on (SSO) for Enterprise Architecture Management (EAM) and Value Stream Management (VSM), please go here.
- Login to your Microsoft Azure Active Directory and go to Enterprise Applications, click New Application
- Select Create your own application
- Enter LeanIX SMP to name field and select Integrate any other application you don’t find in the gallery and then click Create
- When LeanIX SMP enterprise application is added select 2. Set up single sign on.
- Then select SAML single sign-on method
- For Set up Single Sign-On with SAML step you will need data from LeanIX SMP settings. Select Custom (SAML) option for Single Sign On.
In Azure AD select Edit under Basic SAML Configuration:
● Copy Identifier (Entity ID) value from LeanIX SMP and paste it in Azure AD field Identifier (Entity ID) field and set it as Default.
● Copy Reply URL value from LeanIX SMP and paste it in Azure AD field Reply URL (Assertion Consumer Service URL) and set it as Default.
● Copy Single Sign On URL value from LeanIX SMP and paste it under Sign on URL.
- Under SAML Signing Certificate download the Federation Metadata XML as you will need to upload this file into LeanIX SMP.
- In Account settings SSO settings in LeanIX SMP, select Custom (SAML) and upload the file you downloaded before from Azure AD, under Provider metadata.
- Set Allowed domains (e.g. your-company.com or login.microsoftonline.com) from which are users allowed to sign in.
- Last, click on Enabled checkbox and Save changes for SAML button and
- You should be able to sign in to LeanIX SMP using AzureAD. In case of misconfiguration please use username/password to sign into LeanIX SMP to modify your configuration.
Updated 8 months ago