Microsoft Azure IdP SSO Integration Guide

Created by Jason Carreiro, Modified on Thu, 21 Jul 2022 at 10:35 AM by Marc Chouinard

Scenario:


Proofpoint Essentials supports integration with Identity Providers for authentication adhering to Security Assertion Markup Language (SAML) standards. Multiple identity providers for an organization are fully supported.

Proofpoint Essentials supports single sign-on (SSO) via SAML. An external IdP can be set up as your identity provider for SSO to the Proofpoint Admin Console.

Microsoft Azure Active Directory SAML/SSO Configuration

  1. Navigate to Administration > Account Management > Identity Providers.

  2. At the top right-hand corner, click Add Identity Provider.

  3. In the New Identity Provider dialog panel, add a meaningful name and description to the Identity Provider. The given name will display on the Identity Provider button on the main login screen.

  4. In the Icon section, select the icon that matches your integration (Microsoft).

  5. Click Next.

Configuring SAML/SSO In Azure Portal

  1. Log in to the Microsoft Azure portal as an administrator.

  2. Go to Azure Active Directory > Enterprise applications.

  3. Click New Application then Create your own application.

  4. Give your app a name and select Integrate any other application you don't find in the gallery (Non-gallery).

  5. Click Create.

  6. Navigate to Properties.

  7. Change Assignment required? to No and save. If this option is set to yes, then users and other apps or services must first be assigned this application before being able to access it.

  8. Go to Single sign-on > SAML and edit Basic SAML Configuration.

  9. Copy and paste the values from Proofpoint Essentials Identity Provider setup into the Basic SAML Configuration fields.

    Microsoft Azure                              Proofpoint Essentials
    Identifier (Entity ID)                       Entity ID
    Reply URL (Assertion Consumer Service URL)   Login URL
    Sign on URL (Optional)                       Login URL
    Logout Url (Optional)                        Logout URL
  10. Click Save and close the panel.

  11. On the same page, under SAML Signing Certificate click Edit.

  12. Change Signing Option to Sign SAML response and assertion.

  13. Click Save and close the panel.

  14. Next, download Certificate (Base64).

  15. Under step 4, copy and paste the values into the Proofpoint Essentials Identity Provider setup:

    Microsoft Azure            Proofpoint Essentials
    Azure AD Identifier        Identity Provider Single Sign-On URL
    Login URL                  Identity Provider Login URL
    Logout URL                 Identity Provider Logout URL
    Certificate from Step 11   Identity Provider X.509 Certificate

  16. Click Enable Single Sign-On. When enabled, the Identity Provider Sign in with button will display on the main login screen.

  17. Click Save and Close.
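
Added example (not part of the original Proofpoint guide): a check, run on a SAML response captured from a test login, that the "Sign SAML response and assertion" setting took effect and that Issuer and Destination match the values exchanged in the tables above. The sample XML, IDs and URLs are constructed placeholders, and the script checks structure only; it does not verify signatures cryptographically.

```python
import xml.etree.ElementTree as ET  # for untrusted XML, prefer the defusedxml package

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}
# Constructed placeholders: use your Azure AD Identifier and the Reply URL you configured.
ISSUER = "https://idp.example/tenant-placeholder/"
ACS = "https://sp.example/acs-placeholder"

def signs_itself(element):
    """True if a direct-child ds:Signature references this element's own ID."""
    eid = element.get("ID")
    ref = element.find("ds:Signature/ds:SignedInfo/ds:Reference", NS)
    return bool(eid) and ref is not None and ref.get("URI") == "#" + eid

def check_response(xml_text, expected_issuer, expected_acs):
    """Structural check only (no cryptographic verification). Returns a list of problems."""
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}Response" % NS["samlp"]:
        return ["root element is not samlp:Response"]
    problems = []
    if not signs_itself(root):
        problems.append("Response is not signed")
    assertions = root.findall("saml:Assertion", NS)
    if len(assertions) != 1:
        problems.append("expected exactly one Assertion, found %d" % len(assertions))
    if not all(signs_itself(a) for a in assertions):
        problems.append("Assertion is not signed")
    if root.findtext("saml:Issuer", "", NS).strip() != expected_issuer:
        problems.append("Issuer does not match the configured IdP identifier")
    if root.get("Destination") != expected_acs:
        problems.append("Destination does not match the Reply URL")
    return problems

def sample(sign_response=True, sign_assertion=True):
    """Constructed SAML Response with dummy IDs and empty signature bodies."""
    sig = ('<ds:Signature xmlns:ds="%s"><ds:SignedInfo><ds:Reference URI="#%%s"/>'
           '</ds:SignedInfo></ds:Signature>') % NS["ds"]
    issuer = "<saml:Issuer>%s</saml:Issuer>" % ISSUER
    return ('<samlp:Response xmlns:samlp="%s" xmlns:saml="%s" ID="_r1" Destination="%s">'
            '%s%s<saml:Assertion ID="_a1">%s%s</saml:Assertion></samlp:Response>') % (
        NS["samlp"], NS["saml"], ACS, issuer, sig % "_r1" if sign_response else "",
        issuer, sig % "_a1" if sign_assertion else "")

if __name__ == "__main__":
    print(check_response(sample(sign_assertion=False), ISSUER, ACS))
```

To use it on a real login, base64-decode the SAMLResponse form field from the test sign-in and pass the resulting XML as xml_text.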