Single sign-on (SSO) is a procedure that allows a user to access multiple IT services with only one sign-on. Dialog Insight offers single sign-on for connecting to its platform via your identity provider (IdP). This must be SAML 2.0 (Security Assertion Markup Language) compatible and allow field customization. With certain prior configurations, a user already connected to your system will therefore be able to use the Dialog Insight platform without having to connect to it since he is already authenticated in your system. Having data security and the user experience of its customers at heart, Dialog Insight strongly recommends the implementation of such a data protection measure.
Requirements
- Create an Azure account for your enterprise
Step 1: Create an Enterprise App
1.1 In the home page of your Azure account, use the search bar to find "Enterprise applications".
1.2 In the Enterprise applications page, click New application.
1.3 Click Create your own application.
1.4 Select the Integrate any other application you don't find in the gallery (Non-gallery) option:
Step 2: Configure the User Groups
2.1 Click Assign Users and groups:
2.2 Add the groups and their permissions:
Step 3: Fill In the SAML Configurations
3.1 In the Single Sign-On section, select SAML.
3.2 Copy the Application ID field. You will need it for the configuration in Dialog Insight.
3.3 Edit the Basic SAML Configuration, including the metadata import for the service provider in order to get the URL.
Step 4: Configure the Groups (Attributes & Claims)
4.1 Select the attributes that must be returned in the response.
4.2 Select the Groups assigned to the application option. This avoids exposing user details to a third-party application.
4.3 Select sAMAccountName (recommanded). With this option, the group name is passed instead of an ID. This makes setup and diagnostics much easier later. (Of course, this also means that changing group names later will break the setup.)
Step 5: Fill In the Form
When you are done with the configuration, fill in the form avaialble at the bottom of this article. Then, send it to the Support.