Azure AD single sign-on (SSO) has instructions for setting up a SAML 2.0 login with any supporting application. The following settings are required for configuration with Project Insight.
- Your Azure AD SSO SAML 2.0 only needs two required URLs and the remainder (all three optional fields) should remain null.
a. Identifier: https://[url].projectinsight.net
b. Reply URL: https://[url].projectinsight.net/l.aspx
- Download your SAML Signing Certificate (Base64) so you can upload it into PI.
- Copy your Login URL to paste into PI.
In Project Insight you will need the following settings.
- Display Name which is any name reference you would like to use such as "My Azure SSO"
- Alias which will auto-fill based on the Display Name
- Identity Provider (IDP) which is the Login URL you copied from Azure
- SSO Protocol which must be SAML 2.0 Protocol
- Identity Claim Type should be Name ID
- IdP Signing Certificate which will be uploaded from the certificate you downloaded earlier.
To illustrate the above, here is an example of the settings in Azure AD SSO SAML 2.0.
And here is an example of the settings in PI.