This article provides instructions to integrate InsideView with Azure Active Directory (Azure AD).
Integrating InsideView with Azure AD provides you with the following benefits:
- You can control in Azure AD who has access to InsideView.
- You can enable your users to automatically get signed-on to InsideView (Single Sign-On) with their Azure AD accounts.
- You can manage your accounts in one central location - the Azure portal.
To configure Azure AD integration with InsideView, you need the following items:
- An Azure AD subscription
- A InsideView single sign-on enabled subscription
Note: To test the steps in this article, you should follow these recommendations:
- Do not use your production environment, unless it is necessary.
- If you don't have an Azure AD trial environment, you can get a one-month trial.
Configuring and Testing Azure AD Single Sign-On
To configure and test Azure AD single sign-on with InsideView, you need to complete the following steps:
- Adding InsideView from the gallery
- Configuring SAML Settings in Azure AD for InsideView Insights
- Configuring STS Settings for InsideView Insights Single Sign-On
- Assign the Insideview application to the users in Azure AD
Adding InsideView from the Gallery
To configure the integration of InsideView in to Azure AD, you need to add InsideView from the gallery to your list of managed SaaS apps. To add InsideView from the gallery, follow these steps:
|1||Go to Azure Active Directory||In the Azure portal, on the left navigation panel, click Azure Active Directory icon.
|2||Manage All Applications||Navigate to Enterprise applications. Then go to All applications.
|3||Add new application||To add new application, click New application button on the top of dialog.
|4||Search for InsideView||In the search box, enter InsideView.
|5||Select and add the InsideView application||In the results panel, select InsideView, and then click Add to add the application.
Configuring SAML Settings in Azure AD for InsideView Insights
In this section, you enable Azure AD single sign-on in the Azure portal and configure single sign-on in your InsideView application.
To configure Azure AD single sign-on with InsideView, perform the following steps:
|1||Go to Single sign-on in Azure||In the Azure portal, on the InsideView application integration page, click Single sign-on.
|2||Select Single sign-on mode||On the Single sign-on dialog, select Mode as SAML-based Sign-on to enable single sign-on.
|3||Set the SAML URLs||On the InsideView Domain and URLs section, perform the following steps:
In the Reply URL text box, type a URL using the following pattern:
The STS Name is a unique identifier for the SSO settings that you have configured in Insideview Insights. For example, if STS Name is Org_UniqueName, postback URL will be:
In the Set additional URLs section, enter the Identifier (Entity ID) as https://my.insideview.com.
|4||Set user attributes and claims||Select User Attributes & Claims and set the following attributes:
|5||Save the SAML Signing Certificate||On the SAML Signing Certificate section, click Certificate (Raw) and then save the certificate file on your computer.
Configuring STS Settings for InsideView Insights Single Sign-On
Note: Make sure that InsideView Insights username is same as Azure AD username to configure these settings.
|1||Open InsideView Admin Page||Log into InsideView Insights with Account administrator user credentials.|
|2||Add SAML details||Go to the Account Admin page and click SingleSignOn Settings. The following page opens:
Note: Use the above two check-boxes to restrict users of your account from using their credentials to login or change their passwords. As an account admin, you can use this feature to ensure your users login via SSO . This feature provides foolproof security when the employee leaves a company. An account admin, however, can login with the credentials even when the check box is selected.
|3||Enter the Attribute Statements||To add STS details, click Add SAML button in the above screen. Ensure the STS details are entered in a single line with no spaces.
Enter the following details for SAML setting that you just create in Azure:
|4||Finish the configuration||Click Save to finish the configuration.
Note: STS Name, SAML/WS-Fed Unsolicited Endpoint, STS Certificate, User ID, Email Mapping are mandatory fields. The Org ID, however, is an optional one. InsideView recommends email mapping and user ID be the same for ease-of-use. Also, note that the user ID coming from STS must belong to the same account where self-serve is configured. Just in case if a user is new, the system configures the user to the same account where SAML Self-serve is configured. You also need to ensure you provide an enterprise-wide unique name for the STS Name. Use the same STS name for your post-back URL.
Assign the Insideview application to the users in Azure AD
To assign users to InsideView application, perform the following steps:
|1||Go to applications in the Azure portal||In the Azure portal, open the applications view, and then navigate to the directory view and go to Enterprise applications then click All applications.
|2||Open the InsideView application||In the applications list, select InsideView.
|3||Go to Users and Groups||In the menu on the left, click Users and groups.
|4||Assign the application to a user group||Click Add. Then select Users and groups in the Add Assignment dialog.
On Users and groups dialog, select the the appropriate user in the Users list.
Click Select button in Users and groups dialog.
Click Assign button in Add Assignment dialog.