Azure Initial Setup
Login to Azure.
Visit the Enterprise Applications page.
Select “Create a New Application”, then on the following page, select “Create your own application”.
On the pop-up, give a new application a name (“Halo Security”), and select the “Integrate any other application you don't find in the gallery (Non-gallery)” option. Click the “Create” button.
On the “Overview” page, click “1. Assign users and groups” and select the users from Azure AD that will have access to the application.
Then click “2. Set up single sign-on”. Choose “SAML” for the type of SSO.
Azure SAML SSO Setup
Edit the “Basic SAML Configuration”, then in a separate tab, open the Halo Security SAML Authentication Settings. Fill in the following fields using the predefined values from Halo SAML Settings:
Identifier (Entity ID) -> Entity ID
Reply URL (Assertion Consumer Service URL) -> ACS URL
Logout Url (Optional) -> Logout URL
Edit “Attributes & Claims”. Create 2 new claims with the following values:
Source Attribute: user.givenname
Source Attribute: user.surname
Save the claims and return to the “Halo Security | SAML-based Sign-on” overview.
Halo SAML Setup
Navigate to the “Single-sign-on” view under “Manage” within AZURE.
Download “Certificate (Base64)” copy value into "Certificate" within HALO.
Copy the "Azure AD Identifier" value into "Issuer Entity ID" within HALO.
Navigate to the "Properties" view under "Manage" within Azure.
Copy the "User access URL" value into "SAML URL ID" within HALO.