Ctrlk

Microsoft Entra ID SSO

You can configure Single Sign-On (SSO) with Microsoft Entra ID to secure access to Asset Panda Pro. This setup allows you to sign in with Microsoft Entra ID credentials, enhancing security and simplifying user access management.

The Microsoft Entra IDs interface and options may evolve. Refer to the Microsoft Entra ID documentation for additional context and reference.

Prerequisites

  • Entity ID and Reply URL provided by Asset Panda

  • Administrative access to Microsoft Entra ID

  • Access to the Enterprise Applications section in Microsoft Entra ID

If the Entity ID and ACS URL are unavailable, contact Asset Panda support to obtain the required details.

Search for or create an enterprise application

  1. Sign into the Microsoft Entra ID portal.

  2. Search for and open Microsoft Entra ID.

  3. Go to Microsoft Entra ID > Enterprise Applications.

  4. Search for and open the application.

If there is no application, create a new one:

  1. Click New application.

  2. Choose Create your own application.

  3. Enter a name and select Integrate any other application you don’t find in the gallery (Non-gallery).

  4. Click Create.

Configure SAML-based Single Sign-On

To configure the SSO settings between Asset Panda and Microsoft Entra ID:

  1. In Enterprise Applications, select Single Sign-On and choose SAML.

  2. Edit the Basic SAML Configuration:

    1. Enter the Identifier (Entity ID) as urn:amazon:cognito:sp:us-east-1_4jHsDgxlC

    2. Enter the Reply URL (Assertion Consumer Service URL) as https://ap-pioneer-951730251621.auth.us-east-1.amazoncognito.com/saml2/idpresponse

    3. Click Save.

  3. Edit User Attributes & Claims:

    1. Ensure a claim for the user's email is present.

    2. Add a new claim, if necessary:

      1. Set the Name to the emailaddress.

      2. Set the Source Attribute to user.mail.

      3. Save the claim.

  4. Download the SAML Metadata File:

    1. Go to the SAML Signing Certificate section.

    2. Select Download next to Federation Metadata XML.

    3. Use this file to complete the Microsoft Entra ID Integration setup with Asset Panda.

Assign users and groups

  1. In the Enterprise Applications, go to Users and Groups.

  2. Click Add user/group.

  3. Choose the users or groups to enable SSO.

  4. Click Assign. Assigned users can access Asset Panda through SSO.

Complete the Microsoft Entra ID integration setup with Asset Panda

  1. Return to Enterprise Applications and verify that the correct tenant is selected.

  2. Ensure that all necessary users are assigned to Users and Groups.

  3. Upload the downloaded SAML Metadata File to Asset Panda to complete the integration.

  4. Test the setup to confirm users can sign in using their Microsoft Entra ID credentials. If any issues arise, verify the setup, permissions, and assigned users.

Upload the SAML Metadata File to Asset Panda

  1. Log into Asset Panda Pro with an administrator account

  2. Navigate to Settings icon Settings > Preferences > Single sign-on (SSO).

  3. Click Add new SSO.

  4. Select the Enable Type to determine who can access Asset Panda through SSO:

    • Enable for all users: Enable SSO for all users in your organization, allowing them to authenticate using their Microsoft Entra ID or other identity provider credentials.

    • Enable for selected domains: Restrict SSO to users with email addresses from specific domains.

    • Disable for all users: Disable SSO for all users, preventing authentication via Microsoft Entra ID or other identity provider credentials.

  5. Enter a Connection Name that will be displayed during the login process.

  6. Upload the downloaded Metadata XML file. This file contains the necessary configuration to establish a secure connection between Asset Panda and your identity provider for SSO.

  7. Click Save.

PreviousGoogle Workspace SSONextOkta SSO

Last updated