One of HighGear’s powerful Enterprise-only features is SAML 2.0 integration. SAML stands for Security Assertion Markup Language and allows you to give your users a Single Sign-On experience in HighGear.
This support article will explain how to integrate Azure Active Directory with your HighGear system for Single Sign-On.
Please refer to this article on the Microsoft site for a step-by-step guide through their interface:
https://docs.microsoft.com/en-us/azure/active-directory/manage-apps/configure-single-sign-on-non-gallery-applications
The following sections will explain how the different parts of configuration connect between Azure and HighGear. So you will also need to be logged in to HighGear and on the Single Sign-On Settings page. To get to that page, open the Administration menu and click the Single Sign-On Settings menu item.
Configuring Azure
- Copy the Service Provider Entity ID from the Single Sign-On Settings page in HighGear and paste it into the Identifier (Entity ID) field in Azure.
- Copy the Assertion Consumer Service (ACS) URL from HighGear and paste it into Azure’s Reply URL (Assertion Consumer Service URL) field.
Configuring HighGear
- Under Azure’s basic SAML configuration, copy the Azure AD Identifier and paste it into the Identity Provider Entity ID field in HighGear.
- Copy Azure’s Login URL and paste it into the Single Sign On (SSO) URL field in HighGear.
- Copy the Logout URL from Azure and paste it into the Single Logout (SLO) URL field in HighGear.
- Under SAML Signing Certificate in Azure, click the Download link next to Certificate (Base 64). Open the file in Notepad, copy its contents and paste it into the Identity Provider Certificate field in HighGear.
To configure the remaining fields in HighGear, i.e. HighGear Certificate and HighGear Certificate Password, please contact the HighGear Support team (support@HighGear.com) and ask for your HighGear Single Sign-On Certificate.