The instructions in this topic are provided for informational purposes only. Maximizer does not provide support for third-party product configuration. Consult with your systems administrator or Microsoft documentation for further details. |
- From the Azure AD enterprise applications; set up Single Sign On. For more information; consult the Microsoft Active Directory Documentation.
- During configuration; copy the following values to a simple text file:
- Under User Attributes & Claims; copy the “Claim name” value to a simple text file. This will be used later for the “Claim” field within Maximizer.
- Under Set up ; click the “Azure AD Identifier”; "Login URL"; and the "Logout URL" values respectively. This will be used later for the “Identity Provider Entity ID” field; the “Identity Provider URL” field; and the “Identity Provider Logout URL” field within Maximizer.
- Log on to Maximizer Web Access.
- Click the Settings icon in the left pane.
- Go to Administration Settings Single Sign-On.
-
Click Add Identity Provider; and provide the following details:
Field Description Identity Provider Entity ID Enter the Azure AD Identifier copied in step 4. Identity Provider Name Enter a friendly name for Azure AD. Identity Provider Certificate Enter a string as placeholder if Maximizer Service Provider Metadata has not been uploaded to Azure AD. Follow step 10; 11 and 12 to get the certificate from Azure AD and enter it into this field.
Identity Provider URL Enter Login URL copied in step 4. Identity Provider Logout URL
Enter Logout URL copied in step 4. HTTP Binding Type Select HTTP-POST Service Provider Entity ID
On-Premise: This field will be populated automatically.
CRM Live: You need to manually enter the URL of your CRM Live site.
Request Signing Certificate You need to create the certificate; sign with the supported signing algorithm; copy and paste the certificate into this field.
Signing Algorithm SHA 256 Assertion Email Claim Enter the value copied in step 3. Service Provider Metadata URL The field is blank by default. Follow step 10 and 11 to display the URL and add Maximizer as a Service Provider in Azure AD. - Save the changes.
- Open the Maximizer Identity Provider settings window again. You will find the Service Provide Metadata URL is displayed. Copy the URL to clipboard.
-
In the Azure dashboard; click Upload metadata file; enter the Maximizer Service Provider URL in the Select a File box; and click Open.
- Once the file is found and downloaded; click Add. You will see the Maximizer information being retrieved in the right-hand side panel. Click Save .
- From the SAML Signing Certificate section; click the Download link next to Certificate (Base64) and save this certificate to your local machine.
- Open the certificate in a simple editor and copy the string between the “ BEGIN CERTIFICATE-----" and “-----END CERTIFICATE ” tags. This will be used later for the “Identity Provider Certificate” field in your Maximizer database when setting up Maximizer to use Azure AD for authentication. Make sure the certificate is a valid X509 Certificate.
- In Maximizer Web Access; go to Settings Single Sign-On screen; and edit the Identity Provide you created. Paste the Azure certificate you created in the Identify Provider Certificate field.
- Lastly; in Azure on the left click on Users and groups; click Add user/group. Add any users or entire groups of users from your Azure AD that will be logging into Maximizer.