All Collections
Knowledge Base
AWS Workloads
How To - AWS Workloads
How to configure Azure SSO with CloudRanger
How to configure Azure SSO with CloudRanger
Updated over a week ago

Overview

This article provides the steps to configure SSO for CloudRanger (DCP) using Azure as IdP.


πŸ“ Note
​CloudRanger only supports service provider initiated SSO from the management console. IDP-based SSO directly from Azure is not supported.


The configuration is performed in the following order:

  1. Configure the CloudRanger SSO application on Azure.

  2. Contact Druva Support to get the SSO configuration setup in CloudRanger.

  3. Update the CloudRanger SSO application on Azure with the correct Assertion Consumer Service URL and Entity ID.

Procedure

Step 1: Configure the CloudRanger SSO application on Azure

  1. Open Enterprise applications and click New application.
    ​

    Azure1.PNG
  2. Select Non-gallery application.
    ​

    Azure2.PNG
  3. Name the Application as CloudRanger SSO and click Next.
    ​

    Azure3.PNG
  4. Once your application is created, go to the Single sign-on section and select SAML.
    ​

    Azure4.PNG
  5. Edit the Basic SAML Configuration and add the following values and then save.

  • Entity ID: urn:auth0:cloudranger:xyzSSO

  • Assertion Consumer Service URL:

https://cloudranger.auth0.com/login/...nection=xyzSSO
Azure 5.PNG

6. Edit User Attributes & Claims and use the following claims:

Azure6.PNG

7. Under SAML Signing Certificate, download the Certificate(Base 64) and save it.

Azure 7.PNG

8. Under Set up CloudRanger SSO, copy the Login URL and Logout URL and save them in a notepad.

Azure8.PNG


​

Step 2: Contact Druva Support to get the SSO configuration setup in CloudRanger

  1. Contact Druva Support and provide the below information so that the configuration can be completed in CloudRanger backend.

  • Login URL

  • Logout URL

  • Base 64 certificate

  • The email domain(s) that your users will be logging in with, such as "example.com"

2. Druva Support will provide you the correct values for the following parameters once SSO has been configured in the backend.

  • Entity ID

  • Assertion Consumer Service URL

Step 3: Update the CloudRanger SSO application on Azure

  1. Open the CloudRanger SSO application in Azure and go to the Single sign-on section.

  2. Edit the Basic SAML Configuration,update the newly provided values, and save the configuration.
    ​

    Azure9.PNG
  3. SSO is now set up correctly and you can use your email address to sign in to CloudRanger.

Did this answer your question?