Configure Azure as the Identity Provider

Configure Azure as the Identity Provider

Role Required: SDAdmin

Follow the steps below to configure AssetExplorer as a service provider in Azure.
Before configuring, ensure that the AssetExplorer runs in HTTPS mode.
  1. Log in to your Azure domain.
  2. Under Azure Services, click Enterprise Applications.

  1. Click New Application > Create your own application.
  2. Provide a name for your application.
  3. Choose Integrate any other application you don't find in the gallery.
  4. Click Create.

  1. Click Single sign-on > SAML.

  1. On the displayed page, edit Step 1.
  2. Copy and paste the Entity ID and the Assertion URL from the AssetExplorer SAML configuration page.
  3. Under Logout URL, paste the Single Logout Service URL of AssetExplorer.
  4. Click Save.

Edit Step 2.
  1. Click Unique User Identifier and choose the name identifier format.
  2. To configure the identifier format, choose the Source as Attribute and select the relevant Source Attribute.
AssetExplorer supports persistent, transient, email address, and unspecified name identifier formats for login. Learn More.
  1. Click Save.

  1. Add additional attributes under Additional Claims. These attributes are used by the service provider to create a complete profile for dynamic users.
    1. To add additional attributes, click Add new claim.
    2. Provide a name for the claim. The service provider will use this to retrieve the value for the respective field.
    3. If you want to send the claim as URI, choose the URL prefix under Namespace.
    4. Select the Source as Attribute.
    5. Choose the Source Attribute.

  1. Edit Step 3 and select SHA-256 as the algorithm. Ensure that you choose the same in the AssetExplorer SAML configuration page.  
  2. Click   and select Raw certificate download to download the certificate. You will have to upload this certificate in the AssetExplorer SAML configuration page.
  3. Click Save.

  1. In Step 4, copy the Login URL to AssetExplorer.
You must paste the login URL for both Login URL and Logout URL in the AssetExplorer SAML configuration page. Learn more.
  1. On the left pane, click Users and Groups to add various users to the application.


You have now configured AssetExplorer as a service provider in Azure.

    • Related Articles

    • Configuring G Suite as the Identity Provider

      Role Required: SDAdmin Log in to Google Workspace. Go to Apps > Web and mobile apps. Click Add app > Add custom SAML app. Provide the App name and Description. Upload the App icon and click Continue. On the displayed page, download the certificate ...
    • Configuring OneLogin as Identity Provider

      Role Required: SDAdmin Log in your OneLogin domain and click Applications under the Applications tab. In the displayed page, click Add App. Search for SAML from the search box and select SAML Test Connector (Advanced) from the search results. Provide ...
    • Configuring ADFS 3.0 as the Identity Provider

      Role Required: SDAdmin Before you start the configuration process, make sure that the AssetExplorer application is running in the HTTPS mode. Then, configure AssetExplorer as a Relying Party Trust (RPT). This can be done either manually or using the ...
    • Configuring Okta as the Identity Provider

      Role Required: SDAdmin Log in to your Okta domain. Go to the Applications > Add Application. Click Create New App. From the displayed dialog box, choose SAML 2.0 as the sign-on method. Click Create. In the next window, provide a Name for your ...
    • Configure Depreciation

      Calculate the decrease in asset value over time. Depreciation details will be displayed under Financials tab in asset details page. From the asset details page: On the asset list view, select the asset to configure depreciation. The asset details ...