Halo Security

Visit the <a href="https://portal.azure.com/#view/Microsoft_AAD_IAM/StartboardApplicationsMenuBlade/~/AppAppsPreview" rel="nofollow noopener noreferrer" target="_blank">Enterprise Applications</a> page.

Select “Create a New Application”, then on the following page, select “Create your own application”.

On the pop-up, give a new application a name (“Halo Security”), and select the “Integrate any other application you don't find in the gallery (Non-gallery)” option. Click the “Create” button.

On the “Overview” page, click “1. Assign users and groups” and select the users from Azure AD that will have access to the application.

Then click “2. Set up single sign-on”. Choose “SAML” for the type of SSO.

1. Login to Azure.
2. Visit the <a href="https://portal.azure.com/#view/Microsoft_AAD_IAM/StartboardApplicationsMenuBlade/~/AppAppsPreview" rel="nofollow noopener noreferrer" target="_blank">Enterprise Applications</a> page.
3. Select “Create a New Application”, then on the following page, select “Create your own application”.
4. On the pop-up, give a new application a name (“Halo Security”), and select the “Integrate any other application you don't find in the gallery (Non-gallery)” option. Click the “Create” button.
5. On the “Overview” page, click “1. Assign users and groups” and select the users from Azure AD that will have access to the application.
6. Then click “2. Set up single sign-on”. Choose “SAML” for the type of SSO.

Edit the “Basic SAML Configuration”, then in a separate tab, open the <a href="https://www.halosecurity.com/user/account/company/saml" rel="nofollow noopener noreferrer" target="_blank">Halo Security SAML Authentication Settings</a>. Fill in the following fields using the predefined values from Halo SAML Settings:

1. Identifier (Entity ID) -&gt; Entity ID
2. Reply URL (Assertion Consumer Service URL) -&gt; ACS URL
3. Logout Url (Optional) -&gt; Logout URL

Edit “Attributes &amp; Claims”. Create 2 new claims with the following values:

1. Name: first_name
 1. Namespace: &lt;empty&gt;
 2. Source: attribute
 3. Source Attribute: user.givenname
2. Name: last_name
 1. Namespace: &lt;empty&gt;
 2. Source: attribute
 3. Source Attribute: user.surname

Save the claims and return to the “Halo Security | SAML-based Sign-on” overview.

1. Edit the “Basic SAML Configuration”, then in a separate tab, open the <a href="https://www.halosecurity.com/user/account/company/saml" rel="nofollow noopener noreferrer" target="_blank">Halo Security SAML Authentication Settings</a>. Fill in the following fields using the predefined values from Halo SAML Settings:
 1. Identifier (Entity ID) -&gt; Entity ID
 2. Reply URL (Assertion Consumer Service URL) -&gt; ACS URL
 3. Logout Url (Optional) -&gt; Logout URL
2. Edit “Attributes &amp; Claims”. Create 2 new claims with the following values:
 1. Name: first_name
 1. Namespace: &lt;empty&gt;
 2. Source: attribute
 3. Source Attribute: user.givenname
 2. Name: last_name
 1. Namespace: &lt;empty&gt;
 2. Source: attribute
 3. Source Attribute: user.surname
3. Save the claims and return to the “Halo Security | SAML-based Sign-on” overview.

Navigate to the “Single-sign-on” view under “Manage” within AZURE.

1. Download “Certificate (Base64)” copy value into "Certificate" within HALO.
2. Copy the "Azure AD Identifier" value into "Issuer Entity ID" within HALO.
 1. <a href="https://sts.windows.net/XXX/" rel="nofollow noopener noreferrer" target="_blank">https://sts.windows.net/XXX/</a>

Navigate to the "Properties" view under "Manage" within Azure.

1. Copy the "User access URL" value into "SAML URL ID" within HALO.
 1. <a href="https://XXX.microsoft.com/signin/XXX?tenantId=XXX" rel="nofollow noopener noreferrer" target="_blank">https://XXX.microsoft.com/signin/XXX?tenantId=XXX</a>

1. Navigate to the “Single-sign-on” view under “Manage” within AZURE.
 1. Download “Certificate (Base64)” copy value into "Certificate" within HALO.
 2. Copy the "Azure AD Identifier" value into "Issuer Entity ID" within HALO.
 1. <a href="https://sts.windows.net/XXX/" rel="nofollow noopener noreferrer" target="_blank">https://sts.windows.net/XXX/</a>
2. Navigate to the "Properties" view under "Manage" within Azure.
 1. Copy the "User access URL" value into "SAML URL ID" within HALO.
 1. <a href="https://XXX.microsoft.com/signin/XXX?tenantId=XXX" rel="nofollow noopener noreferrer" target="_blank">https://XXX.microsoft.com/signin/XXX?tenantId=XXX</a>
3. Done

Azure Initial Setup

Azure SAML SSO Setup

Halo SAML Setup