These setup instructions provide information for configuring SAML based sign-in for all users in the organization to the eShare Collaborate application. The Entity ID and ACS URL, referenced in this document, will be provided by an eShare Customer Success Manager when the tenant for your organization is provisioned on the platform.
REQUIREMENT:
The Person performing these steps must have an administrator role assignment of Application Administator, Cloud Application Administator, or Global Administator in the destination M365 tenant.
Login to the Entra Identity Portal as an Administrative user (For Commercial Customers: https://entra.microsoft.com | For Government Customers: https://entra.microsoft.us).
Under the ‘Entra ID’ dropdown in the left Navigation pane, select ‘Enterprise applications’, the find the ‘+ Create your own application’ button.
In the ’Create your own application’ pane, input a descriptive name for the SAML application (e.g., eShare SAML App), select the ’Integrate any other application you don’t find in the gallery (Non-gallery)’ option and click on ’Create’ at bottom of the pane.
When a new application is created and the page opens, select the ’Single sign-on’ option under the ’Manage’ section, followed by ’SAML’.
Within the ’Set up Single Sign-On with SAML’ page, select ’Edit’ under section #1 for ’Basic SAML Configuration’.
When the ’Basic SAML Configuration’ pane appears on the right, perform the following steps:
Paste the Entity ID provided by eShare in ’Identifier (Entity ID)’ field. Make sure ‘Default’ is selected for the new entry. Optionally, you may delete the existing entry created by Microsoft.
Paste the ACS URL provided by eShare in ’Reply URL (Assertion Consumer Service URL)’ field.
Select the ’Save’ button to confirm the changes.
Back in ’Set up Single Sign-On with SAML’ page, select ’Edit’ under section #2 for ’Attributes & Claims’.
Once the ’Attributes & Claims’ pane appears, select the ’+ Add new claim’ menu button.
Within the ’Manage claim’ page, input values below and click on ’Save’ to update changes:
Name: ncckey
Source attribute: user.objectid
Perform the same step and select the ’+ Add new claim’ button. Within the ’Manage claim’ page, input values below and click on ’Save’ to update changes:
Name: alias
Source attribute: user.secondaryauthoritativeemail
Next, on the ’SAML-Based Sign-on’ page, in section #3 for ’SAML Signing Certificate’, click on the button to copy ’App Federation Metadata Url’ and send it to your eShare Customer Success Manager as they will complete the final steps of the setup.
